How to Develop an ITAR Compliant Program |

Compliance with the International Traffic in Arms Regulations (ITAR) is required of a business involved in manufacturing of defense articles, ITAR technical data or defense services. These defense related articles and services are not limited to-Item of significant military or intelligence applicability
-Any modification for a military or defense purpose, no matter how minor, is sufficient for an article to be considered a “defense article”
-Any item or technical data designated in the United States Munitions List
-Technical data can include: Information which is required for the design development, production, manufacture, assembly, operation, repair, testing, maintenance or modification of defense articlesThis costly program is required by law and businesses without sufficient knowledge on ITAR compliance may risk to heavy fines or criminal penalties for non-compliance which can result in loss/damage in business relations.Different areas need to be addressed to put ITAR compliance in effect. They are given below.I. Corporate Commitment
Corporate commitment to meeting and maintaining all ITAR guidelines should be clearly identified in the ITAR compliant program. The program should include person(s) responsible for overseeing ITAR compliance program, senior company management’s directive describing the company commitment to ITAR compliance and duties and authorities for key persons who maintain ITAR requirements.II. Document control program
Identification, receipt and tracking, access, communication and disposal to inside/outside sources of ITAR controlled information /products should be addressed in the document control Program.III. Human Resource program
The compliance program should address hiring and training practices, controls over hiring (US Citizens vs. foreign nationals), citizenship verification, training on specific ITAR guidelines and employee responsibilities relating to ITAR controlled items.IV. Internal Audit program
Internal audit needs to be established once ITAR program is developed to maintain compliance and effectiveness of the program. Auditor training, results from internal audits, yearly audit schedule, corrective actions taken to correct violations should be maintained.V. Vendor Control program
It is important that all supplier/subcontractors involved in ITAR controlled items understand their responsibility in terms of access, transmission and documentation of ITAR related items. The compliance program should address how the above is controlled.VI. Work Environment control program
The program should address controls over visitors/subcontractors who may have access to controlled items, secured access points to your facility, controls over recording devices (i.e. cell phones, cameras) and secured storage areas for controlled items.VII. Record Maintenance program
Retention periods, secured storage areas, controls and back-ups for electronic records and storage of records on personal computers related to ITAR items should be addressed in the record maintenance program.