Sigma Logo
Contact Us
Back to Home

Export Compliance & Security

Effective Date: June 1, 2025

1. Overview

Sigma LLC ("Sigma") is committed to full compliance with all applicable U.S. and international export control regulations (e.g., U.S. EAR, ITAR; EU Dual-Use Regulations) and industry security standards (e.g., ISO 27001, SOC 2). This page outlines our export compliance obligations, security practices, and how clients can verify adherence.

2. Export Control Compliance

U.S. Regulations

  • Export Administration Regulations (EAR): Our software and hardware may be classified under ECCN 5D002 ("Mass Market" cryptography).
  • International Traffic in Arms Regulations (ITAR): We do not develop or export defense articles; if any project involves ITAR-controlled items, we obtain proper registration and licensing.

Export Licensing & Screening

  • End-User Screening: We perform due diligence against sanctioned entities and restricted parties lists (e.g., OFAC, EU Sanctions, UN).
  • License Determinations: We consult with legal experts to obtain necessary export licenses for controlled technology or encryption products.
  • Documentation: All exports and re-exports are logged in our internal compliance registry for audit purposes.

3. Data Security & Information Assurance

Information Security Framework

  • ISO 27001 Alignment: Regular risk assessments, third-party audits, and continuous improvement cycles.
  • SOC 2 Type II: Controls over security, availability, and confidentiality.

Technical Controls

  • Encryption: AES-256 at rest; TLS 1.2+ in transit.
  • Network Security: Enterprise firewalls, IDS/IPS, and segmented VPCs in cloud environments.
  • Access Management: Role-based Access Control (RBAC), least privilege, multi-factor authentication (MFA).

Physical & Personnel Security

  • Data Centers: Tier 3+ facilities with 24/7 monitoring, biometric access, and video surveillance.
  • Employee Training: Annual security awareness, phishing simulations, and mandatory export compliance training for relevant staff.

Contact Information

For export control and licensing questions:

compliance@sigmallc.com

For information security inquiries:

security@sigmallc.com