close
lumiform
Lumiform Mobile audits & inspections
Get App Get App
Lumiform / Templates / ITAR Compliance Audit Template

ITAR Compliance Audit Template

Use this extensive audit template to carry yearly compliance audits and identify ITAR non-compliance based on export clearance requirements, ITAR-controlled technical data, use of ITAR exceptions, and more. This 60-point checklist template is designed for compliance officers to quickly determine ITAR compliance based on 26 categories, including registration, licenses, and voluntary disclosure.

Downloaded 49 times

Rated 5/5 stars on Capterra

Say goodbye to paper checklists!

Lumiform enables you to conduct digital inspections via app easier than ever before
  • Cut inspection time by 50%
  • Uncover more issues and solve them 4x faster
  • Select from over 5,000 expert-proofed templates

Digitalize this paper form now

Register for free on lumiformapp.com and conduct inspections via our mobile app

  • Cut inspection time by 50%
  • Uncover more issues and solve them 4x faster
  • Select from over 4000 expert-proofed templates
Rated 5/5 stars on Capterra
App Store Play Store

ITAR Compliance Audit Template

ITAR Compliance Audit

Jurisdiction and Classification

Has the company properly determined if its products being exported are on the U.S. Munitions List (“USML”) and subject to ITAR?
Has the company maintained adequate records of the basis of its classification for each of its products?
Has the company complied with the ITAR recordkeeping requirements as set forth at 22 CFR § 122.5?
Is an export license required for a transaction?
If an export license is required for a transaction, has the company obtained the license (e.g. DSP-5, DSP-6, DSP- 73, DSP-74)?
Has the company complied with the terms, conditions, and provisos set forth in the license?

ITAR–Controlled Technical Data and Software

Has the company disclosed ITAR-controlled technical data to Foreign Persons in the U.S. (including to employees) with a license or applicable exemption?
Has the company transferred technical data regarding ITAR-controlled items with a license or applicable exemption to 1) Foreign sales agents or marketing intermediaries; 2) Foreign prospective customers as part of marketing proposals; 3) Prime or subcontractors, suppliers, program partners; and 4) Persons in trade shows, marketing presentations?
Have company employees taken ITAR-controlled technical data in overseas travel, including in documents, laptop computers, PDA’s, iPhones, iPads and similar devices with a license?
Has the company transferred ITAR-controlled technical data to company employees who are Foreign Persons specifically authorized in the company’s Technical Assistance Agreements or other DDTC authorizations? (This includes in both foreign offices and in U.S. offices.)
Has the company NOT posted ITAR-controlled technical data or software on websites, chat rooms or transferred such items to Foreign Persons through e-mails, text messages, e-mail attachments, faxes, videos, telephone calls or other electronic communications?

Defense Services

Has the company performed any services for Foreign Persons related to any items on the USML, or items within the definition of Defense Services, with a Technical Assistance Agreement (“TAA”) or other applicable agreement approved by DDTC? (This includes services performed in the U.S. and overseas.)
Will the company be performing services for foreign military customers in connection with the sale of items subject to EAR?
Has the company performed services for a foreign military organization or foreign defense industry company in connection with an item regulated under the EAR?

Imports of Defense Items

Has the company imported any items on the USML in temporary import transactions or on the USML in permanent import transactions with a license?

Registration

Is the company registered with DDTC as a manufacturer and/or an exporter?
Has the company notified DDTC within 5 days of changes of the information set forth in its Registration Statement?
Does the company engage in brokering activities that require the company to register as a broker?

Debarred Party List Review

Has the company conducted reviews of all parties to its transactions involving ITAR-controlled items to verify that such parties are not listed on DDTC’s Debarred Parties List?

Export Clearance Requirements

Has the company complied with the export procedures for exports of ITAR-controlled unclassified technical data?
Has the company complied with the export procedures for its exports of ITAR-controlled hardware?
Has the company complied with the export procedures for the performance of Defense Services?

Reexports and Retransfers

If an ITAR-controlled item was properly exported (including ITAR-controlled technical data), was proper authorization obtained for reexports or retransfers of such items?

License/Agreement Administration

Has the company followed the requirements for the proper administration of licenses and agreements?

See-Through Rule

Has the company exported, reexported or retransferred an item that incorporates ITAR-controlled parts, components, attachments or accessories or is based upon ITAR-controlled technical data?

Reports For Sales Commissions, Fees and Political Contributions

Has the company or its Vendors (as defined at 22 CFR § 130.8) paid or offered to pay sales fees or commissions in connection with the sale of ITAR-controlled items in excess of $100,000, or political contributions in excess of $5,000?

Receipt, Tracking, Marking and Security for ITAR-Controlled Items

Does the company provide adequate security within its facilities to prevent unauthorized access to ITAR-controlled items (including access by Foreign Persons)?
Does the company provide adequate notice to customers and other parties to which the company transfers ITAR-controlled items that such items are ITAR-controlled, through the use of destination control statements and other forms of notice such as under 22 CFR § 123.9(b)? (This includes transfers in the U.S. as well as transfers to overseas parties.)
Does the company properly mark all ITAR-controlled products, technical data, and software within the company’s facilities to provide adequate notice that such items are ITAR-controlled?

Processing, Handling or Forwarding of ITAR-Controlled Items

Does the company track ITAR-controlled items if it receives them within its facilities?

Controls In Company IT System

Does the company maintain adequate controls in its information technology system to protect against unauthorized access, disclosure and transfer of ITAR-controlled technical data and software?

Manufacturing License Agreements and Distribution Agreements

Is the company licensing ITAR-controlled technical data to permit the manufacture overseas of an item on the USML?
Is the company establishing a warehouse or distribution point abroad for defense articles exported from the U.S. for subsequent distribution to entities in a sales territory approved by DDTC?

Brokering

Has the company engaged in “brokering” activity as defined at 22 C.F.R. Part 129?
If the company retains third parties to engage in “brokering activity” on behalf of the company as defined in § 129.2(a) and (b), have such third parties registered with DDTC under 22 CFR Part 129?

Use of ITAR Exemptions

Has the company relied on exemptions from requirements under ITAR?

Proscribed Countries, Significant Military Equipment and Major Defense Equipment

Has the company engaged in any unauthorized transactions involving ITAR-controlled items with any of the “§ 126.1 Proscribed Countries”?

Classified Defense Articles and Technical Data

Have the company’s exports of classified defense articles and technical data complied with the provisions of 22 CFR § 125.3 and 125.9, including use of DSP-85, as well as the NISPOM?

Obligations In Working With Subcontractors and other Program Partners

Will the company be working with subcontractors, teaming partners or other independent parties in the transaction?

Congressional Notification For Defense Articles and Agreements

Has Congressional Notification been provided in connection with exports of defense articles that exceed the threshold amounts set forth at 22 CFR § 123.15, or major defense equipment as defined at 22 CFR § 120.8?
Has Congressional Notification been provided for TAA’s and MLA’s for manufacturing abroad defense items classified as Significant Military Equipment as set forth in 22 CFR § 124.11?

Parts and Components – Definition of “Specially Designed”

For parts, components, attachments, and accessories that are still covered under USML “catch-all” provisions following Export Control Reform, do such items fall within the definition of “Specially Designed” as set forth at 22 CFR § 120.41?

ITAR Items Acquired In Mergers and Acquisitions

Is the company undertaking acquisition transactions?

Procedure To Limit Illegal Diversion, Transshipment and Reexports

Does the company face the risk of illegal diversion, transshipment, reexport or retransfer in its transactions?

Voluntary Disclosures

If a violation or possible violation has occurred, has the company considered submitting a voluntary disclosure to DDTC to reduce or mitigate potential penalties and eliminate past compliance risks?

Sign Off

Observations
Compliance Manager Name
Compliance Manager Signature
Department Representative Name
Department Name
Department Representative Signature
Share this template:
left-arrow Previous template
Next template right-arrow

Please note that this checklist template is a hypothetical appuses-hero example and provides only standard information. The template does not aim to replace, among other things, workplace, health and safety advice, medical advice, diagnosis or treatment, or any other applicable law. You should seek your professional advice to determine whether the use of such a checklist is appropriate in your workplace or jurisdiction.