An official website of the United States government
Here's how you know
A .mil website belongs to an official U.S. Department of Defense organization in the United States.
A lock (lock ) or https:// means you’ve safely connected to the .mil website. Share sensitive information only on official, secure websites.

Brochure | June 14, 2024

Joint Certification Program

joint certification program thumbnail
joint certification program
joint certification program thumbnail
joint certification program
joint certification program
Photo By: jason cassing
VIRIN: 240614-D-RI745-0125

The Joint Certification Program certifies entities in the United States and Canada who require access to unclassified military technical data. The JCP helps to protect this data and related technology from common adversaries while allowing it to allow to certified Canadian and American entities with a legitimate need to access the data. It also ensures that effective controls and enforcement mechanisms are in place in each country to protect technical data. The JCP certification allows access to US DOD and Canadian Department of National Defence (DND) unclassified export controlled technical data and critical technology on an equally favorable basis in accordance with DODD 5230.25, “Withholding of Unclassified Technical Data and Technology from Public Disclosure,” and Canadian Technical Data Control Regulations.

The JCP Office

  • Is the only DOD/DND agency that reviews and certifies the Military Critical Technical Data Agreement (DD Form 2345)
  • Provides customer support to defense contractors applying for certification
  • Receives, processes and maintains approximately 9,000 DD Form 2345 certifications annually
  • Establishes JCP policy based on DOD/DND Directives
  • Consults and cooperates with government stakeholders in the development of common industrial security policies, procedures and technology controls
  • Partners with DOD legal counsel and federal law enforcement on certification, debarment and other actions

JCP Portal access pre-submission requirements

  • Must be a United States or Canadian entity
  • Complete National Institute of Standards and Technology (NIST) assessment and uploaded in the Supplier Performance Risk System (SPRS)
  • System for Award Management (SAM) registration is updated and correct
  • Review and complete the Introduction to Proper Handling Training
  • If applicable, provide your organization’s Directorate of Defense Trade Controls Registration Letter, Export Control License, and valid up-to-date Proof of Business *(proof of business documentation needs to be within 12 months of the date of the application)
  • Google Authenticator application used for two factor authentication

The JCP has transitioned to an online application process, which incorporates the required information for the DD Form 2345. The program no longer accepts applications submitted by email, postal service, commercial delivery services or submitted by FAX. All applications must be completed online through the JCP Portal. JCP Portal Instructions and Login Instructions are available via the Logistics Operations https://www.dla.mil/Logistics-Operations/Services/JCP/

  • Before submitting an application to the JCP, verify if your company has been or is already certified
  • An active CAGE Code or a Canadian-issued NATO Commercial and Governmental Entity Code (NCAGE Code) must be obtained and is

required for all companies prior to the submission of your completed online application that will populate the DD Form 2345

  • Companies doing business with the DOD, must have a Unique Entity Indicator (UEI) and register in the SAM database prior to submitting your online application that will populate the DD Form 2345. SAM and UEI registration must be current and active in order to obtain a JCP Certification
  • DFAR Clause 252.204-7012 requires all DOD contractors and subcontractors to implement cybersecurity requirements in the NIST Special Publication (SP) 800-171, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations
    • Safeguard covered defense information, Report cyber incidents, Submit malicious software and Facilitate damage assessment
  • Your NIST assessment results must be documented in the SPRS
  • In order to obtain DLA's Export Controlled Data, the user must answer the Media Access Control (MAC) and the Internet Protocol (IP) addresses, and the actual physical address of the computer used to communicate with the DOD/DND Database
  • If the Data Custodian is also the company’s signatory and authorized representative on the application, the name and signature must match the person that can obligate the company in a contract
  • Incomplete and/or incorrect information on the application will result in a return of the application to the submitter for rectifications

Required information under Relevant Business Activity information which feeds Block 4 of DD Form 2345 – Describe your entity and what it does, e.g., what does it manufacture/produce, what service does it provide, etc.

  • Indicate if you are a Prime Contractor or a Sub-Contractor (If applicable)
  • If a Sub, include the Prime’s CAGE and address and must hold a JCP certification
  • Describe what type(s) of equipment/material/service you manufacture
  • Provide commodity North American Industry Classification System (NAICS) or Federal Supply Class (FSC) NOTE: You do not need to list ALL NAICS’s or FSC’s and they must be listed in SAM.gov
  • If you are a non-manufacturer, please provide the CAGE and company name(s) of the manufacturer(s) that produces your product
  • Is your equipment/material/service related to the United States Munitions List (USML) or Commerce Control List (CCL)f If yes, state what category
  • Are you registered with Directorate of Defense Trade Controls (DDTC)f If yes, state so and provide documentation. If you provide or handle USML items, you are required to register with Directorate of Defense Trade Controls (DDTC) per the ITAR. NOTE: Contact Department of State information regarding International Traffic in Arms Regulations (ITAR): https://www.pmddtc.state.gov/
  • Do you possess an Export Control License? If yes, state so and provide documentation in your submission
  • State your purpose for a JCP certification for Export Control access: (Bid on DOD solicitations, exchange of data, conference attendance, research and development, other)
  • Do you require access to a system to obtain technical data?  (SAM.gov, DIBBS, DTIC other, none) If DIBBS, provide your USER ID
  • Indicate the government agency or third party requiring you to obtain JCP certification (Prime, Subprime, Govt. Contract Specialist, Conference, etc.). NOTE: This is not the entity applying for certification. If you have no Government Agency requestor, please state so

The information on this flyer is verified with the JCP office: jcp-admin@dla.mil; aggregated by: customeroutreach@dla.mil.

GD0006 – Revised JUN2024