ITAR (International Traffic in Arms Regulations) information
- Thread starter dsanabria
- Start date
Moderators, how about splitting this off as a new topic?
I think you need to be more specific as to what you want to know. You can start at https://www.pmddtc.state.gov/regulations_laws/itar_consolidated.html
Now that I'm home for the weekend (or most of it) I had a chance to dig out my notes.
ITAR -- International Traffic In Arms Regulations
There is a reasonable article on the topic on Wikipedia
https://en.wikipedia.org/wiki/International_Traffic_in_Arms_Regulations
The regulations restrict sending things out of the United States that in theory at least could come back to us in a hostile manner. The types of things involved are referred to as RTI or Restricted Technical Items.
RTI includes hardware, information, software, technical know how, and technologies.
RTI generally does not include quality management system information.
RTI generally would include things like drawings, tooling fixtures, gauges, and the items needed to make a restricted item.
Export is defined as RTI which has been given by any means to a Foreign Person. Anyone who is not a US person is a foreign person. That would be anyone who is not a US citizen or permanent resident alien (green card holder).
Person definition includes entities or companies.
Definition of export of technical data includes physically giving information to a person (hard copy or digital), Telling someone how a part is manufactured, and showing technical data to someone. It also includes transporting that information to a foreign country, even if you don't share it with a non US person. (This should give pause to anyone traveling internationally that may have any RTI on their laptop, even if it was unknown that it was RTI).
Auditors need to be careful around RTI. They should identify themselves as a US person. If not a US person, they should avoid RTI. They need to control any RTI they may have, no matter how insignificant they may think it is. They need to be careful not to write findings in such a manner that they disclose an RTI.
I hope this is useful.
ITAR -- International Traffic In Arms Regulations
There is a reasonable article on the topic on Wikipedia
https://en.wikipedia.org/wiki/International_Traffic_in_Arms_Regulations
The regulations restrict sending things out of the United States that in theory at least could come back to us in a hostile manner. The types of things involved are referred to as RTI or Restricted Technical Items.
RTI includes hardware, information, software, technical know how, and technologies.
RTI generally does not include quality management system information.
RTI generally would include things like drawings, tooling fixtures, gauges, and the items needed to make a restricted item.
Export is defined as RTI which has been given by any means to a Foreign Person. Anyone who is not a US person is a foreign person. That would be anyone who is not a US citizen or permanent resident alien (green card holder).
Person definition includes entities or companies.
Definition of export of technical data includes physically giving information to a person (hard copy or digital), Telling someone how a part is manufactured, and showing technical data to someone. It also includes transporting that information to a foreign country, even if you don't share it with a non US person. (This should give pause to anyone traveling internationally that may have any RTI on their laptop, even if it was unknown that it was RTI).
Auditors need to be careful around RTI. They should identify themselves as a US person. If not a US person, they should avoid RTI. They need to control any RTI they may have, no matter how insignificant they may think it is. They need to be careful not to write findings in such a manner that they disclose an RTI.
I hope this is useful.
J
Joy
Can a foreign auditor conduct audit in organisations where ITAR is applicable? I am missing a training in USA this week as it was linked to an audit to save travel cost. The organisation asked for change of auditor and my training is missed
I remember one audit where ITAR was applicable and at that time I was very new to AS audits. The organisation took some approval from the authority and I was briefed about the requirements before audit, also signatures on agreement. I was asked not to record anything on check list which can be informative. This was applicable for the LA from USA also. We used to keep the AS9101C in the organisation. Finally the MR checked all documents and asked to delete few information.
Nations have the right to enforce these requirements to safeguard the interest of its citizen. Only few occasions when innocents suffers-missing of my training this week
Last edited by a moderator:
Can a foreign auditor conduct audit in organisations where ITAR is applicable? I am missing a training in USA this week as it was linked to an audit to save travel cost. The organisation asked for change of auditor and my training is missed
I remember one audit where ITAR was applicable and at that time I was very new to AS audits. The organisation took some approval from the authority and I was briefed about the requirements before audit, also signatures on agreement. I was asked not to record anything on check list which can be informative. This was applicable for the LA from USA also. We used to keep the AS9101C in the organisation. Finally the MR checked all documents and asked to delete few information.
Nations have the right to enforce these requirements to safeguard the interest of its citizen. Only few occasions when innocents suffers-missing of my training this week
Since I'm a US person, that's not an issue that I have learned in much depth. My understanding is that there are some countries that their citizens cannot audit companies with ITAR concerns. Other countries that their citizens can, but permission must be granted by the US government. In the example you quoted, the Management Representative did the right thing in controlling sensitive items on the audit report.
Similar threads
