Why Ownership Questions Reveal Governance Gaps Sarah was preparing documentation for an upcoming compliance review…
‘What is’ and ‘How can’ series Part 1: What is ITAR compliance and how can RegDOX help you?
In this posting, we introduce a series of blog posts about ‘what is‘ a particular area of regulatory concern and ‘how can‘ RegDOX provide a solution. We will cover six main areas we offer below for the next four weeks.
1. ITAR
2. DFARS
3. EAR
4. Long-term cloud storage
5. DFARS assessment
In each of the weekly posts in this series we’ll define the topic and provide tips for getting started and how RegDOX can be helpful for your organization to become compliant.
So let’s get going on this ‘What is’ and ‘How can’ series.
Part 1: What is ITAR compliance and how can RegDOX help you?
As a starter, let’s acknowledge that compliance is a pain! We wish there were a single silver bullet for a compliance solution. However, it is a process that involves the entire organization. Any organization that handles Controlled Unclassified Information (CUI) must be NIST SP 800-171 compliant, whether your organization is large or small. If companies do not follow these regulations they can be subject to varying civil and criminal penalties.
What are the International Traffic in Arms Regulations (ITAR)?
As described by the State Department’s Directorate of Defense Trade Controls (DDTC), “the ITAR (22 CFR parts 120-130) governs the manufacture, export, and temporary import of defense articles, the furnishing of defense services, and brokering activities involving items described on the United States Munitions List” [USML]. “. Quoting ITAR & Export Controls, U.S. Department of State, Directorate of Defense Trade Controls website (accessed April 4, 2022). The USML can be found in ITAR section 121.1.
Keep in mind that the USML and the ITAR not only apply to exporting physical goods, but also information, which is defined in the ITAR as technical data (ITAR section 120.10). So, it is critical to safeguard ITAR-controlled materials and equipment as well as your ITAR technical data in a highly secured storage environment.
Why are the ITAR Important?
The ITAR are important because the regulations established an authoritative and mandatory list of compliance guidelines and violating them can cause real problems for your business. But it goes beyond that. ITAR compliance is essential to safeguard our national security.
The ITAR control the manufacture, sale, and distribution of defense-related articles, including military hardware and space-related items. They protect the goods, services, and information that are needed to protect all of us.
Companies must follow the regulations, even if they are not involved in manufacturing ITAR-controlled products, but only use ITAR technical data.
Read more here: What is ITAR and Why is it Important?
How to be ITAR compliant?
There is no such thing as an ‘ITAR certification’ as there are ISO certifications. Therefore, your organization should focus on how to implement policies, plans, and systems to comply with the laws and regulations. You can start by going through RegDOX’s ‘ITAR checklist’. It covers basic information about registering with DDTC, meeting all other requirements of the regulations, implementing a comprehensive and technology-controlled compliance program, receiving training, and following your program on a day-to-day basis.
How can RegDOX help you?
RegDOX’s Secure Data Room provides online solutions for export-controlled technical data.
Learn more about RegDOX ITAR solution
Contact us for more info!
Click to rate this post!
[Total: 0 Average: 0]


This Post Has 0 Comments