🇺🇸 Live Defense & National Security

ITAR (22 CFR 120-130)

Controls the export and temporary import of defense articles and defense services, requiring State Department authorization for international transfers. Applies to manufacturers, exporters, and brokers of defense-related items on the U.S. Munitions List.

177

Rules extracted

1,488

Obligations decomposed

8.4x

Avg obligations per rule

🇺🇸 United States

Jurisdiction

What AuditDSS covers

Source

Regulation

Extracted

177

Rules

Decomposed

1,488

Obligations

8.4x

Decomposition ratio

Each rule is decomposed into an average of 8.4 atomic obligations — the smallest testable units that can be independently violated.

Fully extracted & scored

All 1,488 obligations have been decomposed, titled, risk-scored, and embedded for semantic matching.

Risk scoring

Every obligation in ITAR is scored across independent risk dimensions:

Obligation Weight

How critical within the regulatory framework

Violation Likelihood

How often breached in practice

Enforcement Evidence

Regulator enforcement history and penalties

Cascade Dependency

How many obligations depend on this one

Regulatory details

Full title: ITAR (22 CFR 120-130)
Regulatory body: Directorate of Defense Trade Controls
Jurisdiction: 🇺🇸 United States
Document type: regulation
Effective date: October 1, 1976
Industry: Defense & National Security

Who this applies to

defense manufacturersexporters of defense articlesbrokers of defense servicesdefense contractors

Key requirements

registration with DDTC
export license requirements
technical data controls
brokering controls
prohibited countries
end-use monitoring
violations disclosure

Frequently asked questions about ITAR

What is ITAR?

Who does ITAR apply to?

ITAR applies to defense manufacturers, exporters of defense articles, brokers of defense services, defense contractors.

How many obligations does ITAR contain?

AuditDSS has decomposed ITAR into 1,488 atomic obligations from 177 rules. Each obligation is independently testable and risk-scored.

What are the key requirements of ITAR?

The key requirements include: registration with DDTC, export license requirements, technical data controls, brokering controls, prohibited countries, end-use monitoring, violations disclosure.

How can I assess my ITAR compliance?

Upload your compliance policy to AuditDSS. The platform maps your document against all 1,488 ITAR obligations using deterministic AI scoring — not checklists or LLM summaries. You get a risk-scored gap analysis showing exactly which obligations are covered, partially covered, or missing.

Which jurisdiction enforces ITAR?

ITAR is enforced in United States by Directorate of Defense Trade Controls.

When did ITAR come into effect?

ITAR became effective on October 1, 1976.

What industry does ITAR apply to?

ITAR is primarily relevant to the Defense & National Security industry. AuditDSS covers 69 regulations in this industry sector.

Build a ITAR compliance pack

Don't have a compliance policy yet? AuditDSS generates a complete compliance pack for ITAR — alone or combined with other regulations your business needs. Every clause is mapped to specific obligations.

Policy

High-level commitments and governance framework covering ITAR requirements.

Procedures

Step-by-step operational procedures to implement each policy commitment.

Forms & checklists

Ready-to-use forms, registers, and checklists for day-to-day compliance operations.

Multi-regulation

Combine ITAR with other regulations into a single unified compliance pack for your business.

Build ITAR compliance pack

Already have a policy? Assess it against ITAR

Upload your document

Upload your compliance policy, program manual, or operational document. AuditDSS accepts any text-based document.

AI maps against 1,488 obligations

Your document is scored against every obligation in ITAR. Each claim is mapped to the obligation tree and evaluated for coverage.

Risk-scored gap report

Receive every gap ranked by risk priority with remediation guidance, enforcement evidence, and cascade impact analysis.