Latest News

What we’re talking about

Microsoft export violations
Export Compliance News

Microsoft Export Violations Make News

Microsoft export violations have resulted in multi-million-dollar penalties for the software provider.  The company has made voluntary disclosures to the Bureau of Industry and Security (BIS), the Department of the Treasury’s Office of Foreign Assets Controls (OFAC), and the Department of Justice (DOJ).  Most of these reported violations occurred between 2012 and 2019.  These violations

Read More »
Quality Management Internal Auditing
Quality News

Quality Management Internal Auditing Tips

Quality Management internal auditing is performed in an organization to assess strengths and weakness, and identify areas of noncompliance. These audits are usually conducted by employees of the organization to assess processes they are not directly involved in to ensure an unbiased analysis.  Information gathered from a well performed internal audit can provide insights for

Read More »
GoDaddy Multi-Year Security Breach
Cyber Security

GoDaddy Multi-Year Security Breach

Hosting giant, GoDaddy, has disclosed a Multi-Year Security Breach that has compromised customer security and may cause infection of websites.  This is a noteworthy concern as the company acts as a hosting service for 20 million customers worldwide.  The first breach was reported in November of 2019.  Since this time the company has reported two

Read More »
BIS Assessing Civil Space
Export Compliance News

BIS Assessing Civil Space Industrial Base

The Bureau of Industry and Security (BIS) is Assessing the Civil Space Industrial Base in the United States in partnership with the National Oceanic and Atmospheric Administration (NOAA) and the National Aeronautics and Space Administration (NASA) to better understand this important supply chain network.  This study will use surveys to collect data from U.S. organizations

Read More »
Tabletop Exercises for Cyber Incident
Cyber Security

Tabletop Exercises for Cyber Incident Response

Tabletop Exercises for Cyber Incident Response teams are effective tools for assessing the ability of an organization to protect and preserve sensitive data.  These exercises engage team members to respond to a variety of scenarios.  This provides an evaluation of the Cyber Incident Response Plan’s technologies, processes, and personnel’s ability to maintain confidentiality, integrity, and

Read More »
Temperature Shock MIL-STD-810 Method 503
Product Testing News

Temperature Shock MIL-STD-810 Method 503

MIL-STD-810 Temperature Shock testing (Method 503) is used to evaluate equipment’s ability to withstand sudden changes in temperature.  This laboratory test method is conducted in environmental test chambers and can be tailored to replicate the anticipated thermal profiles during storage, transit, and operation.  Such shock could be experienced when a jet fighter on a tarmac

Read More »
Disruptive Technology Strike Force
Export Compliance News

Disruptive Technology Strike Force to Enforce EAR

The Department of Commerce has initiated the Disruptive Technology Strike Force which will partner the Bureau of Industry and Security (BIS) with the Department of Justice (DoJ) in the enforcement of the Export Administration Regulations (EAR).  Export Administration Regulations (EAR) control the export of commodities determined to be dual-use.  Dual-use items refer to commodities and

Read More »
Cyber Security

Delays in CMMC 2.0 Final Ruling

As 2023 opens it appears that there may be further delays in CMMC 2.0 reaching a final ruling as the Pentagon considers additional revisions of the proposed rule.  These reconsiderations are, as reported on ClearanceJobs, the result of internal politics and concerns on the impact on businesses.  Because the rule is in proposed status, it

Read More »
Export Compliance Program Guidelines
Export Compliance News

Export Compliance Program Guidelines – DDTC

The Directorate of Defense Trade Control (DDTC) has released Export Compliance Program Guidelines to provide businesses with an overview of best practices for complying with the International Traffic in Arms Regulations (ITAR).  These guidelines encourage organizations to adopt robust policies and procedures to ensure that compliance with export controls for items enumerated in the United

Read More »
MIL STD 461 RE102
Product Testing News

MIL-STD-461 RE102 Radiated Emissions

MIL-STD-461 MIL-STD-461 is an EMI/EMC standard for developmental test and evaluation.  This standard is broken out into nineteen various methods.  These methods include Radiated Emissions, Conducted Emissions, Radiated Susceptibility, and Conducted Susceptibility. MIL-STD-461 testing includes radiated and conducted test methods.  These methods involve simulations of magnetic, radio frequency, Electrostatic Discharge (ESD), and Electromagnetic Pulse (EMP)

Read More »
ddtc open general license program
Export Compliance News

DDTC Open General License Program

The Directorate of Defense Trade Controls (DDTC) Open General License (OGL) pilot program has been instituted to ease the conditions under which exports, reexports, and retransfers of unclassified defense articles may be performed between pre-approved parties.  This program was started in August 1, 2022 and will continue through July 31, 2023, at which time the

Read More »
maintaining a CMMC program
Cyber Security

Maintaining a CMMC Program – Best Practices

Maintaining a CMMC program requires that organizations engage management system principles in their daily cybersecurity programs.  These activities will be essential for Department of Defense (DoD) contractors to remain compliant. Current CMMC Requirements Currently CMMC 2.0 requirements are divided into three levels of compliance: CMMC Level 1 – Foundational is comprised of the 17 practices

Read More »
Electrical Power for MIL-STD-810
Product Testing News

Electrical Power for MIL-STD-810 Testing

  Electrical Power considerations for MIL-STD-810 testing create a new level of detail for functional and operational tests.  The standard has placed increased emphasis in recent revisions, to changes in voltage, frequency, phase displacement, and other power deviations that are expected to be present in the normal operation of the device to be tested. Guidance

Read More »
Huawei and ZTE
Cyber Security

Huawei and ZTE Designated Threats to Security

The Federal Communications Commission (FCC) and Homeland Security Bureau have designated Huawei and ZTE as threats to U.S. national security.  Because both Chinese companies are subject to the Chinese Communist Party, they are required by law to cooperate with China’s intelligence gathering activities.  China has developed an arsenal of cyber capabilities to target U.S. information

Read More »
Denied Parties Screening
Export Compliance News

Denied Parties Screening for Export Compliance

Denied Parties Screening is an essential practice for ensuring regulatory compliance to U.S. law.  Screening is performed to restrict or prohibit U.S. individuals and organizations from shipping products or providing services to parties listed on denial, debarment, and blocked persons lists. Screening applies to all businesses regardless of product or service sector.  An organization is

Read More »
FBI Concerns about TikTok
Cyber Security

FBI Concerns About TikTok User Data

FBI concerns about TikTok’s use of U.S. citizens’ user data were conveyed to the House Committee on Homeland Security by Director Christopher Wray.  The Chinese owned social media app currently has over one billion monthly users.  Among the FBI’s concerns is that the Chinese government could conduct influence operations with the app or use it

Read More »