Date Submitted:
Approved by:
Approval Date:
TECHNOLOGY CONTROL PLAN (TCP) TEMPLATE
A TCP outlines procedures to follow when a project requires a plan to protect information and the material is
identified under applicable federal directives that govern the control and export of critical information or
technology. The plan should include the following six elements: Commitment, Physical Security, Personnel
Screening, Training and Awareness, and Self-Evaluation. The purpose of the plan is to also to ensure that no
transfer of technical information or data or a defense service (defined in ITAR 120.10 &120.9) occurs unless
authorized by the Department of State Office of Defense Trade Controls.
The procedures contained in this plan apply to all elements of the research conducted at UMD identified below.
Disclosure of information to foreign persons in a visitor status or in the course of their employment by UMD may be
considered an export disclosure under the International Traffic in Arms Regulations (ITAR) or Export
Administration Regulations and requires a Department of State license or approval of either a Technical Assistance
Agreement or a Manufacturing License Agreement. For questions, contact Joanne Zanella-Litke at x8942 or
jzanella@umassd.edu .
SECTION A. General Information
Pl Name:
Phone:
Email address:
Department:
Dept. Address:
Location covered by TCP (Building and Room No.):
1. Project Title:
2. Technical Description of Item/Technology/Equipment/Software to be Controlled:
3. Sponsored Research: Yes
No
If yes, Sponsor Name and Contact Information:
4. Is non-disclosure agreement involved? Yes
No
If yes and foreign persons are involved, they must sign and acknowledge that controlled or sensitive
information will not be further disclosed, exported, or transferred unless authorized to do so.
5. List specific elements of export-controlled information, both controlled or sensitive, that can be
disclosed to foreign nationals and the program the foreign national is supporting:
6. Does the contract provide for the prior approval of any release of information?
If yes, describe how you will comply with this requirement:
Yes
No
SECTION B. Required Elements of TCP
Each of the following elements must be addressed to control information, technology, or materials:
1. Commitment: This element should demonstrate the export compliance reporting structure and
identify the supervisor(s) responsible for implementing the TCP.
2. Physical Security: This element describes how equipment and data is shielded from unauthorized
persons and include security systems, access controls and operating rules, personnel who have access.
Include descriptions of a) the physical location of each sensitive technology/item, building and room
numbers, and a schematic of the immediate location is recommended; b) they physical security plan
designed to protect your item/technology from unauthorized access; c) perimeter security provisions.
a) Location:
b) Physical Security:
c) Perimeter Security Provisions:
3. Information Security Plan: This element describes measures taken to secure controlled electronic
information. Include descriptions of information access controls such as user ID and password controls,
data discard policy; database and software access, and network security; plans for controlling access to
controlled information, etc.
a) Structure of IT security:
b) IT Security Plan:
c) Verification of Technology/Item Authorization (security management of terminated
employees, individuals working on new projects, etc.):
d) Conversation Security:
4. Project Personnel: This element lists all personnel who would have access to the controlled
technology and their nationality. The plan should also describe the type of background check and any
additional required reviews. ITAR defines a foreign person as any natural person who is not a lawful
permanent resident. It also means any foreign corporation, business association, partnership, trust, society
or any other entity or group that is not incorporated or organized to business in the US as well as
international organization, foreign governments and any agency or subdivision of foreign governments.
No foreign person will be given access to controlled or sensitive material on any project or program that
involves the disclosure of technical data as defined by ITAR or EAR until that individual’s license
authority has been approved if appropriate. UMD employees who have supervisory responsibilities for
foreign persons must receive an export control/licensing briefing that addresses relevant ITAR and EAR
requirements as they pertain to controlled or sensitive information.
a)
Names of Personnel with Access to Controlled Materials
US Citizen?
1)
Yes
No
2)
Yes
No
3)
Yes
No
4)
Yes
No
5)
Yes
No
6)
Yes
No
7)
Yes
No
Additional personnel:
b) Foreign National Approval (If the contract requires sponsor or other approval of assignment
of foreign national personnel, describe the process of how that requirement is met):
c) Personnel Screening Procedures (Describe how lists will be reviewed and verify that no
personnel assigned to work on the project are on any denied party list at
www.bis.doc.gov/ComplianceandEnforcement/ListsToCheck.htm):
d) Background Check If foreign nationals are to be involved in any aspect of the project that
involves access to controlled or sensitive material they must have a background check. Has a
background check been completed?
NA
Yes
No
5. Training and Awareness: Describe how ongoing training is provided and outlined for the area of
export controls.
6. Self-Evaluation: Describe the internal audit process to review records and how findings are reported
to senior administrators:
7. List any attachments included with this TCP
Nondisclosure statements and acknowledgements signed by foreign nationals
Export Controlled Information (lists elements of export-controlled information, controlled or
sensitive, that can be disclosed to foreign nationals if applicable.)
Other:
SECTION C. Signature(s)
I have read and understand the Briefing on the Handling of Export-Controlled Information, and I agree to
comply with the requirements outlined in the TCP for this project.
1) Printed Name:
Signature:
Role:
Date:
2) Printed Name:
Signature:
Role:
Date:
3) Printed Name:
Signature:
Role:
Date:
4) Printed Name:
Signature:
Role:
Date:
Return signed TCP to Joanne Zanella-Litke at jzanella@umassd.edu