US ITAR and EAR - Export Control and Data Security
The International Traffic in Arms Regulations (ITAR, 22 CFR Parts 120-130) and Export Administration Regulations (EAR, 15 CFR Parts 730-774) are US export control regimes with significant cybersecurity and data protection implications. ITAR covers defence articles and technical data on the US Munitions List (USML), administered by the State Department Directorate of Defense Trade Controls (DDTC). EAR covers dual-use items on the Commerce Control List (CCL), administered by the Bureau of Industry and Security (BIS). Both require: access controls for controlled data, encryption of technical data, deemed export controls for foreign nationals, cloud computing restrictions, and cybersecurity incident reporting. Violations carry criminal penalties up to $1M and 20 years imprisonment.
Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.
Framework Domains (5)
Access Control
| Code | Title |
|---|---|
| USEXPORT-2 | Access Controls, Deemed Export, Nationality |
Classification
| Code | Title |
|---|---|
| USEXPORT-1 | Jurisdiction and Classification (ITAR USML / EAR CCL) |
Cloud
| Code | Title |
|---|---|
| USEXPORT-3 | Cloud and SaaS Use for Controlled Data |
Enforcement
| Code | Title |
|---|---|
| USEXPORT-5 | Voluntary Disclosure, Enforcement, Penalties |
Licensing
| Code | Title |
|---|---|
| USEXPORT-4 | Licensing, Recordkeeping, Self-Assessment |
Frequently Asked Questions
What is US ITAR and EAR - Export Control and Data Security?
US ITAR and EAR - Export Control and Data Security is a compliance framework from United States (State Dept/BIS) with 5 domains and 5 controls. The International Traffic in Arms Regulations (ITAR, 22 CFR Parts 120-130) and Export Administration Regulations (EAR, 15 CFR Parts 730-774) are US export control regimes with significant cybersecurity and data protection implications. ITAR covers defence articles and technical data on the US Munitions List (USML), administered by the State Department Directorate of Defense Trade Controls (DDTC). EAR covers dual-use items on the Commerce Control List (CCL), administered by the Bureau of Industry and Security (BIS). Both require: access controls for controlled data, encryption of technical data, deemed export controls for foreign nationals, cloud computing restrictions, and cybersecurity incident reporting. Violations carry criminal penalties up to $1M and 20 years imprisonment. It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.
How many controls does US ITAR and EAR - Export Control and Data Security have?
US ITAR and EAR - Export Control and Data Security has 5 controls organised across 5 domains. The largest domains are Access Control (1 controls), Classification (1 controls), Cloud (1 controls). Each control defines specific requirements that organisations must implement to achieve compliance.
What frameworks does US ITAR and EAR - Export Control and Data Security map to?
US ITAR and EAR - Export Control and Data Security does not currently have cross-framework mappings in our system. Check back as we continuously expand our mapping database.
How do I get started with US ITAR and EAR - Export Control and Data Security compliance?
Start your US ITAR and EAR - Export Control and Data Security compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about US ITAR and EAR - Export Control and Data Security requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 5 controls and track your progress.
Start Your Compliance Journey
Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 718 frameworks.
Get Started Free →Free forever — no credit card required