🛡️ ITAR
ITAR Registered Manufacturers in San Bernardino, CA
ITAR registration is unlike the quality certifications buyers usually compare, because it is an export-control legal status with the State Department rather than an audited measure of manufacturing capability. For San Bernardino shops doing defense fabrication or machining, registration governs who may touch the technical data and the parts, and this page explains what it covers, what it does not, and how an Inland Empire buyer sources controlled work without creating a violation.
ITARAS9100ISO 9001
What ITAR Registration Actually Means
ITAR, the International Traffic in Arms Regulations, controls the export of defense articles and defense services on the U.S. Munitions List. A manufacturer that produces or handles USML items must register with the Directorate of Defense Trade Controls (DDTC) at the State Department. That registration is a legal prerequisite to engage in manufacturing or exporting controlled articles; it is not a certification of quality, capability, or process control.
This distinction trips up buyers constantly. Registration tells you a San Bernardino shop has paid its DDTC fee, filed its registration, and is legally permitted to handle controlled defense work. It tells you nothing about whether the shop holds tolerances, controls its processes, or runs a conforming quality system. Those are the job of AS9100 or ISO 9001, which is why defense fabrication shops typically carry an ITAR registration plus a quality certification.
For controlled work, both are mandatory in their own lane: the quality standard governs whether the part is made correctly, and ITAR governs whether the people, data, and parts were handled lawfully. A buyer must verify each separately.
Technical Data, U.S. Persons, and the Real Compliance Burden
The hardest part of ITAR is not making the part; it is controlling the technical data. Drawings, models, specifications, and process detail for a USML item are themselves controlled, and disclosing them to a foreign person, even one standing on the shop floor in San Bernardino, can constitute an unauthorized export. ITAR shops therefore restrict access to controlled data to U.S. persons and segregate it on access-controlled systems and physical areas.
This shapes how an ITAR shop runs: employee nationality verification, locked drawing storage, controlled network shares, visitor controls, and careful management of any subtier that touches the data. A fabricator that emails a controlled drawing to an offshore engineering service or stores it on an uncontrolled cloud has potentially exported it, regardless of intent.
For a buyer, the practical consequence is that when you send controlled technical data to a San Bernardino supplier, you inherit responsibility for confirming they handle it lawfully. Flow your export-control requirements down in the PO and the agreement, confirm the shop's U.S.-person controls, and verify that any plating, heat treat, or machining subtier in the chain is also cleared to touch the data.
Verifying Registration and Sourcing Controlled Work Locally
Unlike OASIS for AS9100, the DDTC registry is not publicly searchable for due diligence, so verification is done by requesting evidence directly. Ask the supplier for its DDTC registration code and current registration letter, confirm the registration is active, and confirm the registered entity matches the company and the San Bernardino site you are contracting with. A reputable defense supplier provides this on request as part of normal qualification.
Beyond the paperwork, assess the supplier's actual export-compliance program: a designated empowered official, written technical-data handling procedures, employee screening, and visitor and IT controls. Ask how the shop handles controlled data in its quoting process and whether its estimators and engineers are U.S. persons, since the data is controlled the moment it arrives, not just on the production floor.
Sourcing controlled work inside the Inland Empire has a real advantage: keeping the technical data and parts within a tight geographic and vetted-vendor footprint reduces the export-control surface area. Every additional out-of-region subtier is another place the data and parts can be mishandled. A local AS9100 plus ITAR machining house with vetted nearby special-process sources is often the lowest-risk path for a defense buyer.
Frequently Asked Questions
No, and conflating the two is one of the most expensive mistakes a defense buyer can make. ITAR registration is a legal status with the State Department's Directorate of Defense Trade Controls that permits a company to manufacture or handle defense articles and technical data on the U.S. Munitions List. It involves filing a registration and paying a fee; it does not involve a third-party audit of the shop's manufacturing processes, tolerances, or quality system. A San Bernardino shop can be fully ITAR registered and still run a weak quality operation that produces nonconforming parts, entirely legally from an export standpoint. Conversely, a shop with an excellent AS9100 system but no ITAR registration cannot lawfully receive your controlled technical data at all. That is why defense fabrication and machining shops carry both: a quality certification like AS9100 or ISO 9001 to govern whether the part is made correctly, and ITAR registration to govern whether the data, people, and parts were handled lawfully. A buyer sourcing controlled work must verify each independently, because satisfying one says nothing about the other.
Unlike AS9100, which is verifiable in the public OASIS database, the DDTC registration system is not openly searchable for buyer due diligence, so verification happens by requesting evidence directly from the supplier. Ask for the company's DDTC registration code and its current registration letter, and confirm the registration is active and that the registered legal entity matches the company and the San Bernardino site you are contracting with. A legitimate defense supplier supplies this as a routine part of qualification. Beyond the registration document itself, evaluate the shop's compliance program: a designated empowered official, written procedures for handling controlled technical data, employee nationality screening, controlled IT systems and network shares, and visitor controls. Ask specifically how controlled drawings are handled during quoting, since the data is controlled from the moment it arrives, not only on the production floor. If the supplier is vague about its empowered official or cannot describe how it segregates controlled data, treat that as a serious risk regardless of the registration paperwork, because the registration is only as protective as the program enforcing it day to day.
When you transmit drawings, models, specifications, or process detail for a U.S. Munitions List item to a San Bernardino supplier, that technical data is itself controlled under ITAR, and you inherit shared responsibility for ensuring it is handled lawfully. Disclosing controlled data to a foreign person, even a non-U.S. employee physically present in the shop, can constitute an unauthorized export carrying serious penalties. A compliant ITAR shop restricts access to controlled data to U.S. persons, stores it on access-controlled systems and in secured physical areas, screens employees, and controls visitors. The risk extends down the chain: if the shop emails your controlled drawing to an offshore engineering service or stores it on an uncontrolled cloud platform, the data may have been exported regardless of intent. To protect yourself, flow your export-control requirements down explicitly in the purchase order and quality agreement, confirm the supplier's U.S.-person and data-segregation controls before sending anything, and verify that every subtier that will touch the data, including plating, heat treat, and machining vendors, is also cleared. The compliance burden is in the data handling far more than in the manufacturing.
Every additional vendor and every geographic handoff in a controlled supply chain is another point where technical data or defense articles can be mishandled, so tightening the footprint reduces the export-control surface area. Sourcing controlled machining and fabrication within San Bernardino and the surrounding Inland Empire, with special processes routed to vetted nearby Southern California sources, keeps the data and parts inside a small, qualifiable circle of U.S.-person-controlled facilities. A local AS9100 plus ITAR machining house that uses a known set of cleared, NADCAP-accredited special-process vendors is far easier to audit and control than a chain that ships parts and data across multiple states and unfamiliar subtiers. Proximity also lets you conduct in-person compliance and quality audits, resolve technical-data questions without transmitting more than necessary, and confirm handling controls firsthand. The defense schedule benefit is real too: keeping plating, heat treat, and NDT regional avoids the lead-time slippage that comes from shipping controlled parts out of region. For a defense buyer, the combination of shorter logistics and a smaller, vetted vendor set is both a compliance advantage and a schedule advantage.
Last updated: July 2026
Find ITAR-Certified Manufacturers in San Bernardino, CA
Search verified San Bernardino shops that hold ITAR.
No logins. No email gates. Just results.