Internal Compliance Plan Standard Operating Procedures Trade Controls

Similar documents
Technology Control Plan

Cloud Computing and Export Controls

BUSINESS ETHICS CONDUCT GUIDE Export Control CHORUS GOV-GRP-EN CREATION JUNE

REPUBLIC OF SERBIA RES. 68/44 - NATIONAL LEGISLATION ON TRANSFER OF ARMS, MILITARY EQUIPMENT AND DUAL-USE GOODS AND TECHNOLOGY

Material Transfer Agreements Export Controls

Import export and transit of weapons/ammunition and dual used goods in MONTENEGRO

Export Compliance and Controls

EXPORT CONTROLS EXPORT CONTROL COMPLIANCE AND RISK: FOR BUSINESS OFFICES

U.S. Export Control System

The Mission would be grateful if the action plan could be circulated to the members of the Committee and published on the Committee's website.

INTRODUCTION COMMERCE CONTROL LIST (CCL) STRUCTURE. (a) Commerce Control List scope. (a) Categories

Export Management and Compliance Program Guide

GOVERNMENT S EMERGENCY ORDINANCE on the control regime of exports, imports and other operations with military goods. CHAPTER I General provisions

Northcliffe Surf Life Saving Supporters Association Inc. Privacy Policy

Export of Commercial or Dual-Use items - EAR

Having regard to the Treaty on the Functioning of the European Union, and in particular Article 207 thereof,

Internal Compliance Programme Guidelines for compiling an Internal Compliance Programme for strategic goods, torture goods, technology and sanctions

Exports and other party audits

Privacy Policy of Townsville Motor Boat & Yacht Club Limited - Liquor Licence Number 84145

Privacy Policy of Brothers Leagues Club Ipswich Inc. Community Club Licence No

SANCTIONS COMPLIANCE POLICY OF MIKRO KAPITAL GROUP

IBM Sterling Data Synchronization Manager

IBM Sterling Supply Chain Visibility Vendor Compliance

A Smarter Way to Work Drones and Export Controls

OFFICE OF EXPORT CONTROL

Global Privacy Policy

IBM SmartCloud Control Desk Software as a Service

eshipglobal User Guide for The University of Texas, Dallas

Humber Information Sharing Charter

Request for O-1 Person of Extraordinary Ability

Guidelines for Purchasing and Property Control

IBM Emptoris Managed Cloud Delivery

Overview. Requirements: Legislation and Enforcement. A Focus on Operative Paragraph 3 of the resolution: border and export controls


Internal Compliance Programmes

Tuff Torq Corporation Security Export Control Operations Standards

HE Ambassador Oh Joon Chair Security Council Committee established under UNSCR 1540 By

Humber Information Sharing Charter

Privacy and Data Protection Policy

Genetic Modification. University Health and Safety Policy. Version 1: September 2015 Author: Health & Safety Services 1

REPUBLIC OF SLOVENIA MINISTRY OF FOREIGN AFFAIRS

Korea s Export Control System & KOSTI

E X PO R T C O N T R O L S C O M PL I A N C E M A N U A L

THE WASSENAAR ARRANGEMENT AND SMALL ARMS AND LIGHT WEAPONS

Human Samples in Research

Presentation to the Long Island Import Export Association Export Compliance Due Diligence, Regulations & Responsibilities

International Export Control Regimes. Nigel Gibbons Head of Technical Assessment Unit Export Control Organisation

New Zealand SECTION 1: POINTS OF CONTACT

Self-Assessment Questionnaire Controllers

GUIDELINES FOR EXPORT OF SCOMET ITEMS. 2. List of Special Chemicals, Organisms, Materials, Equipment and Technologies (SCOMET) items

The Riddle of the Exporter

arm.org/smallarms/reporting/reporting/reportingtemplateprint.aspx?reportingpoa_id= /8

be subject to controls. 2. Research fields, such as those that can be linked to WMDs, where controls are likely to apply The primary purpose of securi

END USER UNDERTAKING (EUU) Form (for SIEL/SITCL applications required by Export Control Organisation)

arm.org/smallarms/reporting/reporting/reportingtemplateprint.aspx?reportingpoa_id= /7

arm.org/smallarms/reporting/reporting/reportingtemplateprint.aspx?reportingpoa_id= /7

L 360/64 Official Journal of the European Union

EXPORT ESSENTIALS. DHL Express The International Specialists. Phillip Poland Boston, 2015

1.2. Licence - permit issued for each export, import or transit consignment of strategic goods<

Blue Lantern. Dr. Judd Stitziel Chief, Regional Affairs and Analysis Office of Defense Trade Controls Policy

The legal framework for the control on trade in dual-use items in Flanders

PREPARING FOR THE GENERAL DATA PROTECTION REGULATION. SELF-ASSESSMENT QUESTIONNAIRE Data Controllers

The European Union Dual-Use Items Control Regime

Records Disposal Schedule Higher Education Teaching and Learning Charles Darwin University

ESSENTIAL SAFETY MEASURES IN BUILDINGS PRESENTED BY: BRUCE HOWIE

NATIONAL LEGISLATION ON TRANSFER OF ARMS, MILITARY EQUIPMENT AND DUAL-USE GOODS AND TECHNOLOGY

Security of Personal Data Policy and Guidelines

Project Title. Project Number. Privacy Impact Assessment

Audit Module: Self-Assessment Tool

REGULATORY CONTROL OF SAFETY AT NUCLEAR FACILITIES

Marketing Code of Conduct

TECHNICAL RELEASE TECH 05/14BL. Data Protection Handling information provided by clients

EXPORT ADMINISTRATION REGULATIONS (EAR) CLASSIFICATION PROCESS

Author(s): Procurement Manager & Head of Corporate Services Procurement and Contract Rules

National Report on the implementation of the Programme of Action on small arms and light weapons (PoA) and the International Tracing Instrument (ITI)

LAW OF MONGOLIA ON ENERGY CHAPTER ONE GENERAL PROVISIONS. Article 1. The Purpose of the Law

6. KLH Industries, Inc. performs inspection activities to ensure that purchased product meets purchase requirements.

Data Protection Act Policy Statement Status/Version: 0.1 Review Information Classification: Unclassified Effective:

Basel Convention on the Control of Transboundary Movements of Hazardous Wastes and Their Disposal

Self-Assessment Questionnaire Processors

TRADE COMPLIANCE PROGRAM MARCH 7, 2018 CHANDLER S. LEONARD DIRECTORATE OF DEFENSE TRADE CONTROLS JEREMY K. HUFFMAN HUFFMAN RILEY PLLC

Official Journal of the European Union L 98/3

arm.org/smallarms/reporting/reporting/reportingtemplateprint.aspx?reportingpoa_id= /8

Procedure. Work Health and Safety Contractor Management. Document number: PRO Rev no. Description Process Owner Approved for issue

Strategic Trade Management in ASEAN George Tan

Research Ethics and Biorisk Management Policy (MPF1341)

VMS Software Ltd- Data Protection Privacy Policy

Conditions of Award. Royal Society Funding Schemes

--- EXPORT CONTROL FOR 128T. Abstract. This document captures export control restrictions for 128T platform

arm.org/smallarms/reporting/reporting/reportingtemplateprint.aspx?reportingpoa_id= /7

Written Compliance Procedures Standards of Conduct Texas Eastern Transmission, LP December 10, 2008

United Nations Security Council and Australian Autonomous Sanctions Higher Degree Research Compliance Assessment Form

National Implementation Measures for the Biological Weapons Convention and UNSCR 1540

arm.org/smallarms/reporting/reporting/reportingtemplateprint.aspx?reportingpoa_id= /7

Records Management Policy

Presenting a live 90 minute webinar with interactive Q&A. Td Today s faculty features:

Master Services Attachment for ServiceElite


Written Compliance Procedures Standards of Conduct. Maritimes & Northeast Pipeline, L.L.C. February 26, 2018

PP Quality Assurance Procurement Clauses for Suppliers

Transcription:

Internal Compliance Plan Standard Operating Procedures Trade Controls Version 3.0: March 2017 Review date: March 2018 Internal Compliance Plan Standard Operating Procedures Trade Controls Page 1

Revision History log Version # Revision Date Author Changes Version 1 OREI First issue Version 2 December 2016 OREI Monitoring and minor amendments Version 3 March 2017 OREI Amendment to process flow reflect adjustments to Technology and Goods Control Plan Approvals Version 2.1 Internal Compliance Plan Standard Operating Procedures Trade Controls Page 2

Table of Contents Preamble... 4 Section 1: IDENTIFICATION, ASSESSMENT and MONITORING... 7 1.1 Trade Controls... 7 1.2 Foreign Trade Controls... 8 1.3 Obligations of the university, supervisors, researcher... 8 1.4 Exemptions... 10 1.5 Assessment of potential controlled goods and technology using the online DSGL tool... 10 Section 2: Permits and Technology and Goods Control Plans... 12 2.1 Permit application and approvals... 13 2.2 Technology and Goods Control Plan... 13 2.3 Data Storage and Information Security (including international travel)... 14 2.4 Retention of Research Data, records and controlled information... 15 Section 3: Project variations... 16 3.1 Project variations requiring permit changes... 16 3.2 Monitoring processes for internal and external purposes... 16 3.3 Notification of non-compliance or suspicious activity request... 17 Section 4: Project closure... 17 4.1 Project/Contract Termination... 17 4.2 Permit cessation... 18 Appendix 1... 19 Relevant Trade Control legislation and regulations... 19 Appendix 2... 20 Identification process... 20 Appendix 3:... 23 Technology and Goods Control Plan and Plan Variation form... 23 Internal Compliance Plan Standard Operating Procedures Trade Controls Page 3

Preamble This Standard Operating Procedures is to be read alongside the QUT Risk Management Framework MOPP A/2.5 Trade Controls for goods, software, technologies and services MOPP A /1.3 Compliance and MOPP D/2.3 Research Governance Framework. The Research Regulatory Compliance Officer in the Office of Research Ethics and Integrity (OREI) is the university s primary contact with the Defence Export Controls (DEC) office. This means that all nontechnical contact with DEC is done through the Research Regulatory Compliance Officer. Identification, Assessment and Monitoring Technology and Goods Control Plans Project Closure Project Variations Figure 1 Trade Control Lifecycle The four key elements in the trade control lifecycle constitute the QUT Internal Compliance Plan. Key Contacts: Office of Research Ethics and Integrity Manager, Information Security Research Regulatory Compliance Officer Maria Corpuz Sue Marshall Phone: 07 3138 2095 Phone: 07 3138 4984 Email: maria.corpuz@qut..edu.au Email: s26.marshall@qut.edu.au Internal Compliance Plan Standard Operating Procedures Trade Controls Page 4

Definitions Australian General Export Licence (AUSGEL) are broad permits that allow multiple exports of specified items to specified destinations, end users, or purposes as stipulated in each AUSGEL. Basic Scientific Research any technology which extends only to the fundamental principles of phenomena or observable facts and is not primarily directed towards a specific practical aim or objective. Brokering when a person acts as an agent or intermediary in arranging the transfer of controlled goods and technology between two places located outside Australia and receives money or noncash benefit, or advances their political, religious or ideological cause. Controlled Technology relating to goods means: (a) Information relating to the design, development, production, manufacture, assembly, operation, repair, testing, maintenance or modification of the goods (including information in the form of blueprints, drawings, photographs, plan, instructions, specifications, algorithm s or documentation); or (b) Software relating to the goods (c) Within the scope of the Defence Strategic goods List (DSGL). Defence Export Controls (DEC) is responsible to the Minister for Defence for regulating the export of defence and dual use goods as part of Australia s system of export controls. Defence Strategic Goods List (DSGL) is a compilation of goods, software and technology that is regulated when exported, supplied, brokered or published. Goods, software and technology listed on the DSGL may not be exported, supplied, brokered or published from Australia unless a licence or permission is granted by the Minister for Defence, or an authorised person, or unless an exemption applies The DSGL is defined into two separate parts: Part 1: lists munitions (or military) items; and Part 2: list a dual-use item, which is items that may be used for commercial purposes, but also have the potential to be used in military systems or within weapons of mass destruction (WMD) programs. DSGL Technology means a thing that is: Technology, or software, as defined in the Defence and Strategic Goods List; and Within the scope of that list. Export Administration Regulations (EAR) is the US regulation for Dual Use goods and services and is additional regulations to be observed concurrently with Australian regulations and trade laws. Export Control Regimes describe the international conventions and regimes relating to export controls that Australia is a party to. They are: Internal Compliance Plan Standard Operating Procedures Trade Controls Page 5

Wassenaar Arrangement Est. 1995 Australia Group (AG) Est. 1985 The Nuclear Suppliers Group (NSG) Est. 1974 The Missile Technology Control Regime (MTCR) Est. 1987 The Chemical Weapons Convention The Biological and toxin weapons Convention (BTWC) International Traffic in Arms Regulations (ITAR) is the US regulation that regulates and controls the US Munitions list and to be observed concurrently with Australian regulations and trade laws. Information Security Plan (ISP) QUTs information technology security management plan for the transmission, storage and classification of information and technologies. Publishing placing controlled technology in the public domain by publishing on the internet or otherwise. Supply when a person in Australia provides controlled technology in a non-physical form to another person outside of Australia. Supply includes supply via email or fax, or by providing someone outside of Australia with passwords to access controlled technology stored electronically. Technology: relating to goods means: Specific information relating to the design, development, production, manufacture, assembly, operation, repair, testing, maintenance or modification of the goods (including information in the form of blueprints, drawings, photographs, plans, instructions, specifications, algorithms or documentation) or; Software relating to the goods. Technology and Goods Control Plan (TGCP) is the documented and approved plan for the management of controlled goods, software and technology for specific research projects and includes information security management for the transmission, storage and classification of information. Internal Compliance Plan Standard Operating Procedures Trade Controls Page 6

0BSection 1: IDENTIFICATION, ASSESSMENT and MONITORING This section of the Standard Operating Procedures provides an overview of trade controls which includes; SOP 1 basic information about the Trade Control Laws; basic information about foreign trade controls; obligations of supervisors and researchers; goods and technology that are listed on the Defence and Strategic Goods List (DSGL); items exempt from export controls; and how to undertake an initial assessment of goods and technologies that may require an approval or permit. 1.1 Trade Controls Trade controls are a system of laws and regulations (See Appendix 1) prohibiting unlicensed export of controlled goods and technology for reasons of national security, foreign policy and economic protection. In Australia, the Customs Act 1901 (Prohibited Exports) Regulations 1958 Regulation 13E provides the legislative basis for tangible exports and prohibits certain goods and technologies listed in the Defence and Strategic Goods List (DSGL) from being exported from Australia without a license or permit. The DSGL is described in two parts. Part 1: lists military items; and Part 2, lists dual-use items that may be used for commercial and research purposes, but may also be used in military systems or for WMD https://dsgl.defence.gov.au/pages/search.aspx The Defence Trade Controls Act 2012 provides the legislative requirements for the controls of intangible activities of controlled goods and technologies listed within the DSGL from being transferred to individuals, states or groups of concern for military or weapons of mass destruction (WMD) use. The Act specifically regulates three areas of activities. These are: The intangible supply (transmission by non-physical means) of controlled technology from a person in Australia to a person outside Australia Publishing controlled military technology Brokering controlled goods and technology for Military or a WMD end use. Internal Compliance Plan Standard Operating Procedures Trade Controls Page 7

Controlled goods and technology listed in the DSGL are subjected to assessment under the legislative regime and may require a permit or approval for export, supply, publishing or brokering. SOP 2 1.2 Foreign Trade Controls Australia must comply with any Foreign Trade Control regimes of the United States (US) and Europe Union. US export controls are extra territorial and apply concurrently with Australian Trade controls. All exports of US origin or derived technologies, software or goods will require relevant US authority to enable re-transfer to other recipients. All Australian DSGL controlled technologies entering or transiting through the USA may require the approval of the applicable US governmental department before entry. Foreign trade controls relating to the University sector include: United States: International Traffic in Arms Regulations (ITAR) regulates the export, re-export and retransfer of defence articles listed on the United States Munitions List (USML) and conditions regarding embargoed countries or nationals; Export Administrations Regulations (EAR) governs the export, re-export and re-transfer of Dual Use and commercial items listed under the Commerce Control List (CCL). Europe Union: EU Export Control regime is governed by Regulation (EC) No 428/2009 which provides for common EU control rules, a common EU control list and harmonised policies for implementation. The EU regime regulates the export of dual-use items. Dual-use items may not leave EU customs territory without an export authorisation. For all trade related enquiries concerning the US and EU you will need to contact the Research Regulatory Compliance Officer to assist you. SOP 3 1.3 Obligations of the university, supervisors, researcher Trade controls are designed to only capture sensitive goods, software and technology for use in military or weapons of mass destruction (WMD) programs. If the goods or technology to be exported are not listed on the DSGL then the act does not apply. If the goods and technology are listed on the DSGL, a permit or approval may be required if: the technology is within the scope of the DSGL and; the activity being undertaken is export, supply, brokering and/or publishing and no exemption applies. Internal Compliance Plan Standard Operating Procedures Trade Controls Page 8

The obligations for the university are to: assist researchers in the identification and application of approval or permits for goods, software and technology that fall within the trade control laws through the service of the Research Regulatory Compliance Officer; maintain full records of approval or permits and applicable documentation; conduct audits from time to time to ensure the conditions of the approval or permit are met; and report any non-compliance to DEC The obligations of the Research Regulatory Compliance Officer are: provide trade controls guidance to relevant sections of the University as necessary; Assist researchers and project supervisors on permit applications, obligations and Technology and Goods Control Plans (TGCP) for controlled technology; develop training for researchers on trade controls; act as the QUT delegate for liaising with DEC for all non-technical permit and trade related enquiries; report to the Director of Office of Research Ethics and Integrity any alleged breaches of the permit or approvals issued by the Australian Government under the Trade Controls law. The obligations for the researcher are to: consider how their goods and technology, as listed in the DSGL, are to be used; seek a permit or approval for goods, software and technologies subject to controls; use the controlled technology only as approved or permitted; maintain full records of use for the purposes of audit and review; maintain records of all supply made under a permit for 5 years post completion of the research project; dispose of any controlled goods, software and technology as described or required under the permit conditions; cooperate in any internal or external audit or review process; and exercise due diligence with their collaborators. The obligations of the Chief investigator/principal investigator are to: exercise due diligence to their areas of responsibility for trade controls; review and authorise the Technology and Goods Control Plan for all controlled technologies used within the group for the purposes of research. Penalties are significant for violations of the DTCA 2012 for the university and/or the individual. Penalties may also be applied against the university from all the Acts associated with Trade Controls concurrent with the DTCA 2012. Offences under these Acts carry civil and criminal penalties. Internal Compliance Plan Standard Operating Procedures Trade Controls Page 9

SOP 4 1.4 Exemptions The DSGL does contain some exemptions available in replacement of obtaining an approval or permits. These exemptions are: technology already within the public domain; technology that is basic scientific research' (see definition); the minimum information necessary for patent applications with the exclusion of nuclear technology listed in category 0; Medical equipment specially designed for medical end-use applies to equipment that incorporates an item controlled in the dual use (part 2) of the DSGL; Supply made orally for Part two DSGL technology (phone or in person); and Preparatory for publication part two DSGL technology to a publisher, peer-reviewer, co-author or for expert comment. Brokering to a listed country or wholly within the listed country http://www.defence.gov.au/exportcontrols/faq-supply.asp SOP 5 1.5 Assessment of potential controlled goods and technology using the online DSGL tool The following procedures apply to goods, software and technologies that are potentially controlled under the Defence and Strategic Goods List (DSGL). Researchers must determine if their goods and technologies: are listed within the DSGL; fall within the control thresholds or have an applicable exemption; and (See SOP 4 and Definitions) are likely to be transferred from Australia by way of export, supply, publication or brokering. 1. Controlled Goods and Technologies Controlled goods and technologies may exist in the following forms: Tangible All physical components or commodities, information in print, on USB or stored on laptops. Internal Compliance Plan Standard Operating Procedures Trade Controls Page 10

Intangible The export of technology which is required for the development, production, use, modification or enhancement of goods listed as controlled in categories 1 to 9 and according to the provisions of Categories 1 to 9 (see definition of controlled technology) This technology remains under control even when applied or applicable to non-controlled goods. 2. Defence Strategic Goods List (DSGL) categories: The DSGL is split into two parts: Part 1: Munitions list: (Military and Non Military Lethal Goods); and Part 2: Dual- use items: items that may be used for commercial purposes, but may also be used in Military systems or weapons of mass destruction and is divided into 10 categories and two lists: Category 0 nuclear materials Category 1 Materials, Chemical, Micro-organisms and Toxins Category 2 Materials processing Category 3 Electronics Category 4 Computers Category 5 Telecommunications and Information Security Category 6 Sensors and Lasers Category 7 Navigation and Avionics Category 8 Marine Category 9 Aerospace and propulsion Sensitive List Very sensitive List Supervisors and researchers who consider that their research, equipment, software or technology falls within the above categories will need to access the online DSGL tool to complete an initial assessment. The online DSGL tool: The online DSGL tool allows users to conduct text based searches of the DSGL to identify if the goods, software or technology are controlled. It has been specifically developed to display details of the relevant controls that exist and other controls that may apply to that particular good. Helpful information when using the online DSGL tool: Review the search tips provided when the Online tool is first displayed; start the search by checking for the highest level of goods, software or technology that is being researched (for example robots, pathogens, UAVs); Internal Compliance Plan Standard Operating Procedures Trade Controls Page 11

be as specific as possible in the use of search terms; The steps to using the online DSGL tool are illustrated at Appendix 2. Always contact the Research Regulatory Compliance Officer if: the online DSGL tool indicates a positive match for controlled goods, software or technology; after using the DSGL online tool you are still unsure if your research is controlled; to verify and validate a negative match result. The Research Regulatory Compliance Officer will confirm whether an export permit is required and will assist you to complete the DEC permit application. Once the permit is issued by DEC then a Technology and Goods Control Plan (TGCP) must be completed for the research project. (SOP 2.2) The Technology and Goods Control Plan Template can be found at Appendix 3 and hyperlink to TGCP. SOP 6 1.6 Monitoring The Trade Control Compliance Officer will continue to monitor research by means of: Assessing contracts or grants approved On the basis of the conditions of the DEC permit On the basis of information provided in the TGCP If a researcher has been issued with a copy of QUTs AUSGEL permits for use; quarterly reporting of transactions will require submission to the Research Regulatory Compliance Officer. Refer to Record Keeping for Permit Holders in SOP 10, section 2.4. 1BSection 2: Permits and Technology and Goods Control Plans This section of the Standard Operating Procedures provides an overview of: the permit application and approval process; the Technology and Goods Control Plan; data storage and security including international travel; email and records management Internal Compliance Plan Standard Operating Procedures Trade Controls Page 12

SOP 7 2.1 Permit application and approvals There are various types of exporting permits available for controlled goods. The Research Regulatory Compliance Officer will work with the researcher or project supervisor to obtain the most relevant permit or approval for the research. This may include the following: AUSGELs broad permit to 25 pre-determined countries that are signatories to regimes; Blanket permits 5 year terms, listed End users and Countries for specifically identified DSGL technologies; Specific Permits applied for on a case by case basis, which may include one off shipments or project time specific or multiple shipments to multiple end users. Other permits may be advised by DEC as more suitable at the time of application and after assessment. The Research Regulatory Compliance Officer will update the researcher on the status of any DEC permit applications. For foreign trade control, you may be required to provide evidence of importation approval of DSGL controlled goods and technologies to assist with any re-export permit approval. Permits often have conditions outlined as part of their approval process. This will require strict recordkeeping for the purpose of Audits. The Research Regulatory Compliance Officer will advise the applicant of any conditions associated with their permit and these conditions must be included in the Technology and Goods Control Plan Any reporting requirements under a permit will be conducted and provided by the Research Regulatory Compliance Officer in consultation with the Project Supervisor or Researcher. 2.2 Technology and Goods Control Plan Once DEC has issued an export and/or supply permit a Technology and Goods Control Plan (TGCP) must be completed and submitted to the Research Regulatory Compliance Officer, Office of Research Ethics and Integrity (OREI) (See Appendix 3). The TGCP records arrangements for the security, training, monitoring and disposal of DSGL listed goods, software or technology subject to a DEC permit. A TGCP template and Guide notes can be accessed at (link). The TGCP should be completed with the assistance of the Research Regulatory Compliance Officer. Final approval delegations are with the Deputy Vice Chancellor Research and Commercialisation and work cannot commence until approved. Internal Compliance Plan Standard Operating Procedures Trade Controls Page 13

SOP 8 2.3 Data Storage and Information Security (including international travel) Where the researcher is dealing with controlled goods, software and technologies, storage and security arrangements must be discussed with the Manager, Information Security. The researcher in consultation with the Manager, Information Security will complete an Information Security Plan (ISP) and a copy must be attached in support of the TGCP. An ISP will ensure the following: use of encryption software for the management of all related files, data management plans and email; secure storage of goods and technology with restricted access to those collaborating on the project; access arrangements for goods and technology reflect the listed personnel where appropriate; that permits are in place before leaving the country with controlled technology on laptops, USBs, flash drives or any electronic device; Note: it is prohibited to take controlled goods, software or technology overseas until you have written approval from the university supported by a permit. Without these authorisations your laptop and/or device risks being confiscated at the border (i.e. Airport) and penalties may apply. Email Transmission and IT Security: All Email transactions made under a permit for the supply of controlled technology must be kept electronically for 5 years post project completion. The following statement must be annotated within the email (the email signature is acceptable): "This email contains information that is protected under the Australian Defence Trade Control Act 2012 and is intended for the recipient only. If you have received this email in error, please notify the sender identified in this email immediately. Permit #. applies to this export. All research data and information controlled under a permit is classified as protected under the MoPP F/1.2 Information Security policy. Further information on IT security standards for the storage, transmission and disposal of research data and information classified as protected can be accessed at the following sites: Guidelines for the Information Security Classification and Handling Matrix (Appendix B) and; Information Security Guidelines for Research Data and Information controlled under Trade Control legislation Internal Compliance Plan Standard Operating Procedures Trade Controls Page 14

SOP 9 2.4 Retention of Research Data, records and controlled information Research Data Research data controlled under a permit must be retained according to the record status and retention timeframes outlined in the Queensland State Archives University Sector Retention and Disposal Schedule QDAN 601v3 Record keeping for Permit-holders Records of activities related to supply and/or brokerage arrangements that a researcher makes under a permit must be retained for a period of 5 years. These records may include: all technical or research documents; Permits, notices or approvals A signed, executed copy of the TCP including any variations or amendments made Any related documents to technology provided by a third party (sponsor) Records of supply transactions including: o Emails to approved offshore destinations that contain DSGL information o Any material transfer agreements applicable o Shipping documentation for offshore transactions, if applicable Information to be contained in the record of supplies made under a permit: 1. A description of the DSGL technology supplies under the permit 2. The unique identifier of the permit under which the permit holder supplied DSGL technology 3. The name of any person to whom the permit holder supplied DSGL technology under the permit 4. For each supply of DSGL technology under the permit: a. The date of the supply; or b. If the permit covers the supply for a period of time the period, or periods, of time during which the permit holder supplied the DSGL technology. Information to be contained in the record of brokerage arrangements made under a permit: 1. A description of the goods or DSGL technology the registered broker arranges to be supplied under the permit 2. The unique identifier of the permit under which the registered broker arranged a supply 3. The name of any person the registered broker arranges to supply goods or DSGL technology, and the place from which the goods or DSGL technology will be supplied 4. The date any arrangement under the permit is made Internal Compliance Plan Standard Operating Procedures Trade Controls Page 15

5. The name of any person that the registered broker arranges will be supplied goods or DSGL technology under the permit, and the place at which the goods or DSGL technology are to be received by that person. 2BSection 3: Project variations This section of the Standard Operating Procedures provides an overview of: project variations and amendments; internal and external monitoring; and non-compliance and suspicious activity notification SOP 10 3.1 Project variations requiring permit changes A variation to a project using trade controlled goods, software and technologies may include: changes to research staff; changes to the research programme or activity that involve any trade controlled goods, software and technologies (adding or deleting); changes to information security changes to physical security; and any additional overseas travel not identified in the original TCP. amendments to the DSGL or a controlled goods list or legislation The researcher is to complete and submit a TGCP Variation to the Research Regulatory Compliance Officer. The researcher must not conduct any controlled activity as described in the variation until either an existing permit is amended through Defence Export Controls or where required, an additional permit is obtained and provided to the researcher. SOP 11 3.2 Monitoring processes for internal and external purposes The Office of Research Ethics and Integrity (OREI) will periodically monitor/audit any research conducted under a TCP. Internal audits are an integral part of a robust Export Control Management System (ECMS) to detect, correct and prevent potential violations before external audits are conducted. Audits may be conducted from time to time or as required under the permit conditions. The audits will review: Research activity is compliant with permit conditions of approval and/or Records relating to supply activities and/or brokerage arrangements are managed according to the requirement of the Act. Internal Compliance Plan Standard Operating Procedures Trade Controls Page 16

SOP 12 3.3 Notification of non-compliance or suspicious activity request Project supervisors must immediately advise the Research Regulatory Compliance Officer of any suspected breach of approvals or permit conditions. All suspected breaches in Information security must be reported to the QUT Manager, Information Security. Non-compliance can be the following: supplying controlled technology to end users/ countries not authorised on the approval, permit or notice; travelling internationally with controlled technology on an unauthorised electronic device or USB; new researchers collaborating on the project before permit amendment is completed; unauthorised access or usage of controlled goods, software and technology. 3BSection 4: Project closure This section of the Standard Operating Procedures provides an overview of: process for project termination; and permit cessation. SOP 13 4.1 Project/Contract Termination The obligations under an issued permit and approval continue as long as the controlled goods, software and technology remain in the possession of the university, researcher or supervisor. In the event of immediate cessation of employment of the Principal Supervisor nominated on the permit, the role of custodian of the controlled goods, software and technology lies with the Head of School/Director as per university policy. Disposal of controlled goods, software and technologies should be coordinated with the Research Regulatory Compliance Officer. All records including hardcopy emails and project documentation pertaining to the controlled goods, software and technologies allowed under a permit or approval will be retained in accordance with university policy and all applicable legislation. All security requirements in place for the storage or access to the controlled goods, software and technologies will remain in force until eligible for destruction. Should at any stage the security measure in place be compromised, the project supervisor is responsible for notifying the QUT Manager, Information Security officer in the first instance of the breach. Internal Compliance Plan Standard Operating Procedures Trade Controls Page 17

The Director, Office of Research Ethics and Integrity will consider any reported alleged breaches of the permit or approvals issued by the Australian Government under the Trade Controls law. SOP 14 4.2 Permit cessation Once the expiry date, as stated on the permit lapses, all exporting/supply activities must cease under that permit. Should a project be extended, please contact the Research Regulatory Compliance Officer at least 30 working days before permit expiry for submission for renewal with the Defence Export Controls. Internal Compliance Plan Standard Operating Procedures Trade Controls Page 18

Appendix 1 Relevant Trade Control legislation and regulations Defence Trade Control Act 2012 Defence Trade Control Amendment Bill 2015 Customs Act 1901 Weapons of Mass destruction (Prevention of Proliferation) Act 1995 Military end-use provisions (section 112BA) of the Customs Act 1901 Charter of United Nations Act 1945 Autonomous Sanctions Act 2011 Wassenaar Arrangement Est. 1995 Australia Group Est. 1985 The Nuclear Suppliers Group Est. 1974 The Missile Technology Control Regime Est. 1987 The Chemical Weapons Convection The International Traffic in Arms Regulations (ITAR) (USA) The Export Administration Regulations (EAR) (USA) Internal Compliance Plan Standard Operating Procedures Trade Controls Page 19

Appendix 2 Identification process 1. Identification steps The control of goods and technology can be complex. To assist researchers in identifying whether the research is within the DSGL and therefore controlled the following steps should be followed using the online DSGL search tool. Step 1: Access the online tool developed by the DEC at the following link: https://dsgl.defence.gov.au/pages/home.aspx Only access the DSGL Search not the Activity Questionnaire Figure 2 - DSGL search portal Step 2: click on the DSGL search button and this will commence the search function you require. DEC has provided some search tips at the beginning of the search function to assist you on the system. Internal Compliance Plan Standard Operating Procedures Trade Controls Page 20

Specific detail required Figure 3 - search results Step 3: input search parameters for the research activity Possible matches of control All returned results must be checked for a match against control thresholds. Figure 4 - extended control lists Step 4 applicable and possible controls to the search request will be displayed. All returned results must be checked for the technical specifications/ performance or General Technology Notes (GTN) against your research. (Figure 4) Step 5 once a match is identified it must be added to my DSGL list as illustrated in figure 4 for printing and submission to the Research Regulatory Compliance Officer for assessment against exemptions or permit requirements. Figure 5 - link to add to DSGL list Step 6 print this DSGL summary (hyperlink below for example) and submit to the Research Regulatory Compliance Officer. Internal Compliance Plan Standard Operating Procedures Trade Controls Page 21

Figure 6 - DSGL summary applicable to the item of control DSGL_Printout_Exam ple.pdf Figure 7 - hyperlink to printout example Step 7: if research is not listed within the DSGL you will be displayed the illustrated screen at figure 7 and no further action will be required providing that all possible scenarios have been assessed against the DSGL online tool checks. This result must be printed (print screen) and submitted for verification to the Research Regulatory Compliance Officer with a brief project description within an email. No matches to this search request not controlled Figure 8 - Negative DSGL search result Internal Compliance Plan Standard Operating Procedures Trade Controls Page 22

Appendix 3: Technology and Goods Control Plan and Plan Variation form The Technology and Goods Control Plan template can be accessed via the link below. http://www.orei.qut.edu.au/defence/technology_goods_control_plan_mar_2017.pdf Internal Compliance Plan Standard Operating Procedures Trade Controls Page 23

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback