NIST AI RMF for DoD Contractors: CMMC Level 2 & AI (CUI)
Updated: January 26, 2026 • 8–10 minute read
With DoD AI funding accelerating, contractors that handle CUI need a clear plan: combine the NIST AI RMF with CMMC Level 2 requirements for any AI that touches CUI. This guide shows how to govern AI, protect CUI, and build audit-ready evidence by aligning AI controls with NIST SP 800-171/171A, NIST SP 800-53, and CSF 2.0.
We map the AI RMF functions (Govern → Map → Measure → Manage) to concrete artifacts (policies, logs, enclave designs, and POA&Ms) so assessors and contracting officers see a coherent, defensible program.
For background, see the official NIST AI Risk Management Framework and the DoD’s CMMC program site. DFARS requirements related to CUI are published at acquisition.gov.
How NIST AI RMF for DoD contractors fits your compliance roadmap
Use the framework's principles to guide policy, scope data flows, and collect evidence that maps to the 800-171 control families.
NIST AI RMF for DoD contractors: why it matters in 2026
With the DoD accelerating AI funding, contractors that touch CUI need a provable approach to responsible AI. The NIST AI RMF gives DoD contractors a common language to govern AI risk while aligning with NIST SP 800-171 and CMMC Level 2. Use it to set policy, scope data flows, and document controls that withstand assessor review.
CMMC Level 2 and AI (CUI): building a defensible program
CMMC Level 2 and AI (CUI) aren’t in conflict—but they require design choices. Keep CUI out of prompts by default, segment any AI that must process CUI into a protected enclave, and capture objective evidence (configs, logs, SOPs) mapped to 800-171 controls. Start with a CMMC L2 gap assessment and add an AI workstream to your SSP/POA&M.
CUI and AI compliance: keep sensitive data out of prompts
- Block CUI patterns with DLP and prompt filters, and add warning banners to AI user interfaces.
- Contractually bind AI vendors (LLMs/APIs) to CUI safeguards (encryption, logging, purge-on-exit).
- For unavoidable use, route CUI through a hardened 800-53 enclave with RBAC and FIPS-validated crypto.
AI governance for defense contractors: from policy to practice
Translate policy into practice: define roles (model owner, data steward), approve AI use cases, and set change control for models and prompts. Align metrics to NIST CSF 2.0 outcomes so leadership sees risk and progress in business terms.
NIST 800-171 + AI alignment: control mapping that stands up to assessors
Map AI activities to 800-171 families and 171A objectives. Here’s a quick view:
| AI activity | Example evidence | 800-171 families |
|---|---|---|
| Prompt filtering & output guardrails | Configs, test results, logs | AC, AU, SI |
| Model & data change control | Tickets, approvals, rollback plans | CM, CP, SA |
| Vendor due diligence for AI providers | SOW clauses, security attestations | SR, SA, RA |
| CUI segregation / enclave design | Diagrams, network policies, key mgmt | SC, IA, MP |
Need a hand with mappings? Our NIST 800-171 consulting packages include AI-specific artifacts and evidence packs.
CMMC L2 readiness for AI systems: a 30/60/90-day plan
Days 1–30: NIST AI RMF quick-start checklist
- Inventory AI use (shadow + sanctioned) and tag CUI exposure.
- Publish AI acceptable-use; update SSP scope and assets.
- Kick off CMMC L2 readiness with an AI track.
Days 31–60
- Implement DLP patterns; enforce prompt policies.
- Stand up a secure AI enclave if required (RBAC, key mgmt, logging).
- Run CSF 2.0 assessment to align metrics.
Days 61–90
- Red-team prompts/endpoints; record results as objective evidence.
- Tabletop AI incident scenarios; update IR plan and training.
- Schedule mock assessor interviews; tune SPRS score improvements.
AI risk management framework (NIST): Govern → Map → Measure → Manage
Close the loop by operationalizing the AI risk management framework (NIST) functions: Govern (policy, roles, risk appetite), Map (use-case classification, data/model flows), Measure (security/privacy testing, prompt red-teaming), and Manage (remediation, monitoring, retraining controls). Tie each function to 800-171 evidence and your Compliance Services program so assessors see a coherent story.
What to put in front of assessors & contracting officers
- AI governance charter, AUP, and risk register entries mapped to 800-171 controls.
- Data-flow diagrams showing where CUI can/can’t go; enclave design and access model.
- Prompt filtering results, model change-control logs, and monitoring dashboards.
- Vendor contracts/SOWs with CUI clauses, logging, and purge requirements.
- Updated SSP & POA&M with AI-specific controls and remediation timelines.
Next step: Book a 30-minute session and we’ll map your AI use cases to CMMC L2 and NIST 800-171 in 48 hours — including a draft AI Evidence Pack outline.
FAQ
Does AI RMF replace CMMC or NIST 800-171?
No. AI RMF is a risk management framework for AI systems. CMMC L2/800-171 remain mandatory for protecting CUI. Use AI RMF to govern AI; use 800-171 controls to secure the systems and data.
Can I use a commercial LLM if I handle CUI?
Yes, but only if the provider contractually supports CUI safeguards (no training on your data, encrypted transit/storage, access logging, purge on exit) — or keep CUI out of prompts entirely via DLP and policy.
What evidence will a C3PAO expect if we use AI?
Updated SSP/POA&M, AI governance docs, DLP controls, enclave design (if applicable), vendor SOWs with CUI clauses, and logs demonstrating AC/IA/AU/IR control effectiveness.