Question 1

How do ITAR requirements apply in the Oracle Agile PLM?

Accepted Answer

Defense products are subjected to International Traffic in Arms Regulations (ITAR) regulations requiring access controls for data handling visibility.  Agile PLM systems can implement controls over who can read, update or even search the data.  Agile PLM can employ control attributes (for example for security access level) or use membership in a user group as criteria. 
The group membership access can reflect internal projects and teams as well as external suppliers participating in a change or customers accessing documents and part lists.  Suppliers, internal teams, and customers can collaborate while restricting the visibility of data items to only the ones assigned and relevant.

• ITAR - Items designed or developed for military or space applications
 • EAR - Items designed or developed for commercial applications (alone or together with military/space applications, called dual use)

Question 2

When does ITAR compliance matter?

Accepted Answer

• Your effort to remain in compliance with the ITAR will be a huge mitigating factor in the event of an audit.

• A company actively striving to operate within regulations is viewed in a different light than one that is unaware of, or unwilling to follow the rules.

• As an exporter, you are expected to maintain compliance with and knowledge of ITAR regulations. A formal export compliance policy and ongoing training are both highly recommended.

• Your company needs to have an ITAR compliance program, minimally consisting of a compliance manual, training, recordkeeping, and properly trained employees responsible for activities under the ITAR.

Question 3

How does thrive.gs support customers who are subject to ITAR requirements?

Accepted Answer

Code of Federal Regulations regarding ITAR states,
 • “This information must be stored in such a manner that none of it may be altered, once it is initially recorded, without recording all changes, who made them, and when they were made."

Implement change control on the product data and Restrict direct access to product data, development, and test environments. We employ “U.S. Persons” as defined by ITAR for all data management work. Data is never accessed by an unauthorized person or processed even in the United States or an offshore technology center.

All data management, PLM configuration, and code development in executed by authorized US Persons following the company policies and procedures.  In many cases, we work using company-provided laptops and corporate network access tools such as Citrix and VPN.

Question 4

How does thrive.gs provide assurance to customers that it meets ITAR requirements?

Accepted Answer

We ensure the record-keeping element of ITAR is in compliance. In the event of an audit, you will want to be able to produce records detailing all of your compliance efforts.
 • This includes purchase orders, shipping documents, delivery receipts, notes, etc. (ERP)
 • Address documentation for issues like training, hiring, foreign nationals, and the like (PLM)
 • Make sure to include a record of all the entities that interact with your exports – freight forwarders, receiving agents, shipping companies, etc. (AVL/ASL in PLM)
 • Documentation can (and should) include pre-sales investigation and customer communication as well as post-delivery follow-up. (CNM, Proj Mgmt, Cost Mgmt in PLM)
 • Ensure strictly authorized access to all the record-keeping product documents stored in PLM

Customer data is not only critical to the company’s competitiveness but also to national security and we do not take that lightly.  All U.S. based thrive.gs employees undergo a background check before hiring and usually have a track record of working in high-security, NDA-based engagements where client Intellectual Property is always handled securely.  
Lastly, we encourage using company-provided laptops with traceability of email and file transfers. thrive.gs has an extensive ITAR client list of aerospace and aerospace-related companies.

Functional Services

Oracle Cloud Health Check

Oracle Cloud Application Support

Business Process Improvement

Help Desk Issue Resolution

Dashboards, Reports, and Analytics

Admin and User Training

Technical and Integration Services

Automation and Customizations

Oracle Quarterly Patches and FDA Validation

Integrations with non-Fusion enterprise systems

Functional Services

PLM Health Check

Application Support for all Modules

Business Process Improvement

Admin Support

Data Restructuring - Merge /Split/Transform

FAQs

Technical and Integration Agile PLM Services

Agile PLM Application Infrastructure Management

Agile PLM Customizations via PX or WebApps

Agile PLM Lift and Shift to OCI

Agile PLM Upgrades

Agile PLM Integrations to ERP, MES, Silicon Expert

Agile PLM Security-ITAR Compliance

Why Security-ITAR

Challenges we Help you Solve:

To learn more about the health of your Agile PLM Applications, book an appointment with us!

SOLUTIONS

Agile PLM

Oracle Cloud PLM

QUICK LINKS