ITAR (International Traffic in Arms Regulations)
ITAR (International Traffic in Arms Regulations) is the US State Department regulation controlling the export, transfer, and brokering of defense articles, defense services, and related technical data listed on the United States Munitions List (USML). Administered by the Directorate of Defense Trade Controls, ITAR restricts sharing controlled hardware and technical data with foreign persons unless the activity is licensed or otherwise authorized.
Examples
Foreign quote declined: A UAV manufacturer wants to dual-source an ITAR-controlled actuator it buys for $480 per unit. A Canadian machine shop quotes $390, but releasing the technical data package abroad would require State Department authorization, so the buyer instead qualifies a second DDTC-registered US shop at $415.
Technical data exposure: A defense subcontractor finds controlled drawings in a shared folder open to all 60 engineers, including six foreign nationals. Releasing technical data to a foreign person inside the US counts as an export, so access is cut to authorized US persons and counsel reviews the incident for a voluntary disclosure.
Registration check: Before awarding a $2.1M machining package on a defense program, a buyer verifies each bidder's DDTC registration and flows ITAR clauses into the PO terms. One low bidder withdraws after admitting it has never registered.
Definition
ITAR sits with the State Department's Directorate of Defense Trade Controls (DDTC) and covers items and technical data on the United States Munitions List. The companion regime, the Export Administration Regulations (EAR), sits with the Commerce Department and covers dual-use items. The first question for any defense-adjacent part is which list it falls on: a bracket machined for a missile housing can be ITAR-controlled even when the identical process on a commercial part is unregulated.
For procurement, the regulation reaches well beyond shipping. Emailing a controlled drawing to an overseas supplier is an export. So is showing it to a foreign-person engineer inside the US. US manufacturers of defense articles must register with DDTC even if they never export anything, which makes registration status a standard check during supplier qualification. A signed NDA protects confidentiality but does not authorize an export; only a license or exemption does.
Teams that mix defense and commercial work need compliance gates inside the RFQ process itself: flag controlled part numbers, restrict global sourcing for those items to authorized suppliers, and control who can open the data. Our guide to what ITAR means for procurement leaders covers registration, licensing, and flow-downs in detail. Direct-materials teams use LightSource to tag ITAR-scoped parts so quotes route only to suppliers cleared to see them.
Previous
*GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and COOL VENDORS is a registered trademark of Gartner, Inc. and/or its affiliates and are used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.