ITAR Compliance Software
ITAR-compliant manufacturing ERP for aerospace and defense. US-only data residency, US-persons access controls, and full audit trails for controlled technical data.
ITAR technical data sits in your ERP right now, and one foreign national viewing a drawing is a deemed export with penalties up to $1.1M per access. WorkCell runs ITAR workloads in a US-only environment, supported by US persons, with citizenship enforced at the document level.
Controlled Data Mixed With Commercial Work
Your ITAR drawings live in the same folders as commercial job shop work, and most ITAR manufacturing teams can't show DDTC a clean segregation boundary when asked.
No Way to Enforce US Persons Only
Your ERP has user accounts but no concept of citizenship, so a single onboarding mistake puts a foreign national inside controlled technical data without any export control software catching it.
Audits That Can't Be Reconstructed
DDTC wants every access to a specific drawing over three years with citizenship status at the time of each view, and your current system logs almost none of it.
US-Only Data Residency
ITAR workloads run in a dedicated US-region environment with no replication, backup, or foreign support access, which is the baseline any ITAR ERP has to meet.
US Persons Access Controls
Every user carries a citizenship status tied to documented I-9 or green card verification, and ITAR-restricted records are blocked for anyone not flagged as a US person.
Controlled Document Access
Mark drawings, specs, BOMs, and routings as ITAR-controlled at the document level so this ITAR compliance software hides them from uncleared users in search, exports, and print.
Deemed Export Audit Logs
Every view, download, print, and edit against a controlled document is logged with user, citizenship status at time of access, timestamp, and IP, ready to hand to DDTC or a prime.
Maximum DDTC civil penalty per ITAR violation, adjusted annually for inflation and counted per document, per access, per day
22 CFR 127.10, DDTC Civil Monetary Penalty Adjustments
Honeywell consent agreement with DDTC in 2021 for unauthorized exports of technical drawings covering F-35, F-22, B-1B, and Apache parts to China, Taiwan, Canada, Ireland, and Mexico
US State Department DDTC Consent Agreement
Maximum criminal prison sentence per willful ITAR violation under the Arms Export Control Act, plus criminal fines up to $1M per violation
22 USC 2778(c)
Engineering
Drawings, CAD files, specs, and ECOs inherit the ITAR flag on release and propagate controlled status to every BOM, routing, and work order that references them.
Quality
Inspection plans, first articles, and nonconformance records for ITAR parts stay inside the controlled partition so quality engineers see only the work they're cleared for.
Shop Floor
Operators running ITAR work orders are verified as US persons before the router opens, and every view is logged against the operator badge.
What is ITAR and who has to comply with it?
ITAR is the International Traffic in Arms Regulations, administered by DDTC at the State Department, and it governs defense articles and technical data on the US Munitions List. Any US company in defense manufacturing software, hardware, or services that touches controlled data has to register with DDTC and comply.
What counts as ITAR technical data?
Technical data is any information required to design, produce, repair, or modify a defense article, which includes drawings, CAD files, specs, work instructions, inspection plans, and source code. If it describes how to build the thing, ITAR probably covers it.
How should we evaluate ITAR compliance in manufacturing software?
Confirm the data is stored and backed up only in the US, confirm every administrator and support engineer is a US person on US soil, and confirm the system enforces US-persons-only access at the record level with full citizenship-aware audit logs. Any ITAR ERP that can't answer all three cleanly is a compliance risk.
ITAR Compliance Software
Run ITAR workloads without betting the company on your ERP.