A Technology Control Plan (TCP) describes the controls required to protect export controlled items, technical data, and CUI present at a facility to ensure compliance to federal regulations and contractual requirements.
Technical Data
As defined in the International Traffic in Arms Regulations (ITAR) technical data is information which is pertinent for the design, development, production, manufacture, assembly, operation, repair, testing, maintenance, or modification of defense articles. It can also refer to classified information, software for use on defense articles, or information covered by an invention secrecy order. This information must be secured from access of foreign persons to protect US national security and foreign policy objectives.
Components of a Technology Control Plan
A TCP should identify persons who have authorized access to controlled items and technology within the facility. It must detail procedures for screening visitors, employees, customers, and vendors against all embargoed/sanctioned countries and activities, all proscribed destinations, and all end-user and persons prohibitions. It should include a site specific physical security plan that addresses how items are to be stored and secured from unauthorized access. Additionally, it should detail how export controlled items are to be returned or destroyed when no longer needed.
Information Security Plan
Export compliance responsibilities include the securing of electronic information; therefore, the Technology Control Plan should also outline the controls of the organization’s Information Security Management System (ISMS). Most organizations involved in export regulated articles and technology are already required under federal contractual obligation to secure Controlled Unclassified Information (CUI) so this information is likely to be already available.
CVG Strategy Access Control Signs, Badges, and Visitor Logs
Visitor Badges and Visitor Sign-in Registers
Visitor badges provide a visual identification of visitors to your facility and give notice to personnel of requirements for access restriction and ensure that visitors are accompanied at all times by credentialed personnel. Visitor Sign-In Registers provide a logging mechanism for visitors granted access to premises and notifies visitors upon signing in of security requirements.
Facility Security Signs
Facility Security Signs inform visitors and remind personnel of defined controlled areas where export regulated articles, Controlled Unclassified Information (CUI), or sensitive information are present. These signs are an integral part of a comprehensive facility security program. CVG Strategy’s Signs & Badges Store has a variety of signs, badges, and visitor logs to help your organization meet its physical and environmental security requirements. These offerings provide solutions for both export compliance and cybersecurity.
CVG Strategy also offers a wide array of EZ-Test Plan Templates for product test and evaluation that meet the requirements of MIL-STD-810, MIL-STD-461, MIL-STD-1275, MIL-STD-704, and others. Each environmental test plan is compliant with MIL-STD-810 Task 405. EMI/EMC test plans are compliant with MIL-STD-461 per DI-EMCS-80201.