you have, or plan to have, contact with foreign entities, either
by hosting foreign visitors, hiring foreign
national employees, or through joint ventures and/or joint
research you may be required to have a Technology Control Plan
(TCP). This plan stipulates how your company will control its
technology and establishes procedures to protect classified,
proprietary and export
controlled information, as well as, controls access by foreign
visitors and foreign national employees.
general, a Technology Control Plan* consists of:
description of the information that needs to be protected.
specific measures taken to control facility access, the
procedures for controlling access to devices and equipment that
contain classified or export controlled information such as
computers, fax machines, etc.
The measures taken
to train and educate personnel on the their responsibilities to
control classified and proprietary information, as well as, the
consequences for negligent and non-compliant acts.
Who will be in
charge of compliance and oversight within your company.
security measures your company puts in place should be tailored
to your operations and to the specific threats that have been
identified in your specific industry. In many cases, a
Technology Control Plan (TCP) will be required and in other
cases, it is just good business practice to proactively
implement a plan, as implementing a TCP is a good procedure for
mitigating the risk associated with these security
vulnerabilities. In all cases, M3 Federal International has
experienced professionals that can help you develop the right