- An overarching company policy identifying the regulations and legislation applicable to the company's business and mandating management of controlled technology, including technical data.
- Identification of facilities and/or premises within facilities to which the requirements apply.
- Identification of company personnel with responsibilities for acting in accordance with the TCP.
- Definitions of "Controlled technology" and other key terminology.
- Linkages to classified materials and systems should be identified, where relevant. (e.g. DISP)
- Specific references/ to both domestic and foreign export control requirements should be made.
- Guidance on access to IT systems, to prevent unauthorised transfer of controlled technology, should be outlined.
- Procedures for document control, handling, and destuction should be described.
A Technology Control Plan is an essential compliance tool for any company managing ITAR controlled technology. A TCP the rules by which controlled goods and technology are to be managed in compliance with the legislative requirements of the ITAR and EAR.
A Technology Control Plan outlines policies and procedures for managing ITAR and EAR controlled technology within the organisation and how the technology can be shared with and amongst third parties, contractors and employees.
The TCP should specify what constitutes controlled technology, outline access control arrangements, and should include the following key areas to help ensure proper management of export controlled material: