Compliance Research

Compliance Whitepapers

In-depth guides on CMMC, ITAR, OFAC, and DFARS compliance for visitor management programs. Written for compliance officers, FSOs, and security teams.

No email required. Free to read, download, and share.

Available Now

Download or read online — no registration required.

CMMC Level 2NIST 800-171DFARS 252.204-7012

CMMC Level 2 Visitor Management

Physical Security Controls for CMMC Assessment Readiness

A comprehensive guide to the 6 Physical Protection (PE) and 9 Audit & Accountability (AU) controls that govern visitor management in CMMC Level 2 assessments. Includes control-by-control mapping, POA&M deferrability analysis, and implementation guidance for defense contractors preparing for C3PAO assessments.

15 min readPublished March 2026FSOs, Compliance Officers, CISOs

Read Online Download PDF Share

OFACSection 117Education

The New Education Compliance Reality in 2026

Sanctions Screening for Schools & Universities

Why sanctions screening, payment-chain review, and audit-ready documentation can no longer be treated as optional campus controls. Covers the $1.72M OFAC IMG Academy settlement, Section 117 foreign funding disclosures, the 5 compliance failures that keep showing up, and a 90-day action plan for education leaders.

20 min readPublished March 2026CFOs, Business Officers, General Counsel

Read Online Download PDF Share

Coming Soon

In-depth compliance guides currently in development.

Coming Apr 2026

ITAR Visitor Screening & Access Control

Meeting 22 CFR 120-130 Foreign National Requirements

How defense contractors can implement systematic visitor screening workflows to satisfy ITAR foreign national access requirements. Covers Technology Control Plans, deemed exports, visitor pre-registration with citizenship verification, and audit trail requirements for DDTC compliance.

ITAR (22 CFR)EAR (15 CFR)DDTC

12 min readExport Control Officers

Coming May 2026

OFAC Sanctions Screening Best Practices

SDN, Entity List & Multi-List Screening for Visitor Management

A practical guide to implementing multi-list sanctions screening for visitor management programs. Covers OFAC SDN, BIS Entity List, EU FSF, and UK Sanctions screening workflows, fuzzy matching thresholds, adjudication best practices, and audit documentation requirements.

OFACBISEU FSFUK Sanctions

10 min readCompliance Teams

Coming Jun 2026

DFARS Audit Readiness for Visitor Programs

Building Defensible Evidence for DCSA & DCMA Assessments

How to build audit-ready visitor management programs that satisfy DFARS 252.204-7012 requirements. Covers evidence pack generation, immutable audit trails, 7-year retention strategies, and the specific documentation assessors expect during DCSA security vulnerability assessments.

DFARS 252.204-7012NIST 800-171DCSA

14 min readSecurity Directors

Why Our Whitepapers Are Different

Written by practitioners who build compliance software — not by marketers who read the regulations once.

Control-Level Mapping

Every whitepaper maps directly to specific regulatory controls — not generic compliance advice. You get the exact clause references your assessor will ask about.

Practitioner Written

Authored by engineers and compliance specialists who work with defense contractors daily. Real implementation guidance, not theoretical frameworks.

Ungated & Shareable

No email capture. No sales call. Read online, download the PDF, or share the link with your team. Compliance knowledge should be accessible.

Ready to Go Beyond
Reading About It?

See how SecurePoint USA maps to every control covered in these whitepapers — with a live walkthrough of your specific compliance requirements.

Request Demo Schedule a Compliance Review