Thank you

Your download is on the way.

You can also get it right now below.

Download Your ITAR Checklist

Who's This Perfect For?

Any company touching ITAR contracts

Aerospace Manufacturing

Machine Shops

Electronics Manufacturing

Construction

Logistics

Ammunition

Tactical Gear

Medical Devices

Simulation Training

Still Curious about cmmc?

Frequently Asked Questions

Question 1: What is ITAR and who must comply?

The International Traffic in Arms Regulations (ITAR) govern the export and handling of U.S. Munitions List (USML) defense articles and technical data. U.S. entities that manufacture, export, provide defense services, or control ITAR-defined technical data must comply with 22 CFR 120–130.

Question 2: How do I know if ITAR applies to my organization?

ITAR jurisdiction is typically identified through USML classification and contractual language referencing ITAR or DDTC registration. If your contracts reference ITAR (22 CFR 120–130), export controls likely apply.

Question 3: What are the penalties for ITAR violations?Who conducts CMMC Level 2 certification assessments?

ITAR violations may result in significant civil penalties, criminal liability, loss of export privileges, and reputational damage. Enforcement actions are issued by the U.S. Department of State.

Question 4: Is ITAR compliance the same as CMMC?

No. ITAR is a federal export control regulation. CMMC is a cybersecurity certification framework required for certain Department of Defense contracts. While cybersecurity supports ITAR safeguards, the regulations are separate.

Question 5: Does this checklist replace legal advice or formal certification?

No. This framework is intended for internal evaluation and planning. It does not constitute legal advice or a formal compliance determination. Organizations should consult qualified export counsel for legal guidance.

Download Your ITAR Checklist

MEET THE FOUNDER & CEO

Hey, I'm Humberto Correa!

I help defense contractors implement practical ITAR compliance programs that protect export-controlled technical data and reduce regulatory risk under 22 CFR 120–130.

I led Brea Networks through our official CMMC Level 2 assessment and earned a perfect 110 out of 110 from a certified C3PAO. That experience reinforced a core principle: compliance must be structured, enforceable, and defensible, not theoretical.

My focus is on building ITAR-aligned security environments that restrict foreign access, safeguard technical data, and support export control obligations. I work directly with defense contractors to strengthen governance, secure infrastructure, and create long-term compliance stability in a rapidly evolving federal landscape.

KEY EXPERTISE:

ITAR technical data protection and access control

DDTC-aligned compliance program development

CMMC Level 2 implementation (110/110 C3PAO assessed)

Secure cloud architecture (GCC High and controlled environments)

Export control governance for DoW contractors

Book a Discovery Call

California HQ

(West Coast)

451 W. Lambert Rd Suite 214
Brea, CA 92821
714-592-0063

Virginia

(East Coast)

1750 Tysons Blvd, #1500
Tysons Corner, VA 22102
202-838-3111