The Directorate of Defense Trade Controls (DDTC) recently published an ITAR Compliance Assessment Risk Matrix. TSI Global Consulting has reviewed this interesting document and highly recommends that our clients who operate in the ITAR defense space take the time to review and use this new tool. The detailed matrix allows organizations to assess their degree of ITAR compliance and risk profile, identifying gaps in your compliance plan which have a high probability of leading to ITAR violations. The matrix is highly useful for risk/gap analysis and in creating an effective ITAR based export compliance program and manual. The matrix which describes companies based on low risk, medium risk and high risk is divided into three broad categories including:
- Enterprise Risks – These risks should be understood as areas applicable to the entire organization, not the size of structure of the organization.
- Organizational Function Risks – These risks should be understood as areas that are typically most applicable to the function or group within the identified responsibilities. If your organization does not have a function or group performing these tasks specifically, you should still consider these risks and where they exist in your organization.
- ITAR Compliance Program Element Risks.
Click here to download a copy of the new DDTC ITAR Risk Matrix. We suggest you evaluate this against your own company compliance program and procedures. For additional assistance in creating an ITAR or EAR based compliance program and manual please contact TSI Global Consulting.