Are your processes operator controllable? Does your compliance team know what is expected of them? Remember, Knowing is not Doing. Compliance requires both Knowing and Doing. Subscribe to AEI’s mailing list * indicates required Email Address * First Name Last Name
Practitioners of the ITAR often experience frustration when customers can’t or will not provide an accurate classification of controlled data being passed on (i.e. a drawing of a part or assembly). For example we have all received that all to common warning: WARNING – This document contains technical data whose export is restricted by the… Continue reading We’re from the government and we’re here to help.
The DFARS 252.204-7012 Safeguarding Covered Defense Information and Cyber Incident Report requires the protecting of controlled unclassified information in nonfederal information systems and organizations (e.g. commercial sub-tier suppliers). The Good News is that this regulation has a limited scope of your “systems”: The security requirements apply only to components of nonfederal systems (e.g. commercial sub-tier… Continue reading Where are the cyber security regs leading?
Are you equipped to avoid regulatory violations? Are you equipped to properly implement the DFARS? AEI equips it’s clients: By Introducing the regulations to their organizations In aiding in understanding the regulations In applying the the knowledge of the regulations into their processes Subscribe to AEI’s mailing list * indicates required Email Address * First Name… Continue reading Here at AEI We Equip Our Clients
No one wants to here the words, your baby is ugly. When AEI is tasked to assess a client’s compliance processes, sometimes we have to tell the client that their processes, training and personnel have a hole large enough for a violation to escape. Yes, an escape can happen at any company at any time… Continue reading Your Baby is Ugly
Organizations should closely analyze requirements from their customers who flow down regulatory requirements such as the FAR and/or DFARS to determine if conflicts exists. In an analysis of certain Defense Federal Acquisition Regulations Supplement, I noticed what could be a conflict for those organizations who may seek to use a Voluntary Disclosure as a result… Continue reading Regulatory Requirements & Policy Conflicts
A few weeks ago AEI held a complimentary webinar explaining the Cyber Security and Reporting DFARS 252.204-7012 clause. During the webinar we demonstrated our checklist. Since the webinar we have been swamped for requests for the checklist. If you would like your own copy, please send us an email, provide your name and company name and we… Continue reading Checklist for DFARS 252.204-7012
Regardless if your company is publicly or privately held, the U.S. Government by using the Federal Acquisition Regulations can require and enforce cyber controls on your company networks. Your private networks. Learn if this Federal Acquisition Regulation applies to your firm. Contact AEI at email@example.com Subscribe to AEI’s mailing list * indicates required Email… Continue reading The Feds can do what?
The is a lot a talk about the upcoming Cyber Security requirement deadline in December 2017, yes, I’m referring to NIST SP 800-171. Many organizations are scrambling to assess their compliance. Most QA Managers are doing what comes natural, they are relying on the GAP ANALYSIS in order to measure their compliance. Performing a Gap analysis… Continue reading Performing an Effective Gap Analysis
For members of the LinkedIn Aerospace Exports Supply Chain Connection Group we are providing a free training aid to understand the May 2015 Proposed Rule to amend the ITAR regarding Registration and Licensing of U.S. Persons Employed by Foreign Persons. If your organization is part of the aerospace sub-tier supply chain, consider joining this group. Though the… Continue reading Helping the small aerospace sub-tier supplier