AI Compliance for Government Contracting: CMMC + AI in 2026
If you're a DoD contractor handling CUI, CMMC applies. AI tools handling that data inherit the requirements. Here's the practical map of what works under CMMC Level 2.
Most veterans I work with are aware of CMMC. Many are less clear on how AI usage interacts with it. This guide is the practical map.
This is not legal advice. Talk to a CMMC-experienced attorney or assessor for your specific facts.
CMMC in brief
CMMC is the DoD's framework for cybersecurity maturity in the defense industrial base. Three levels:
- Level 1 (Foundational): 15 basic safeguarding requirements (the FAR 52.204-21 set). For contractors handling Federal Contract Information (FCI) only.
- Level 2 (Advanced): 110 requirements from NIST SP 800-171 Rev. 2. For contractors handling CUI.
- Level 3 (Expert): 24 additional requirements selected from NIST SP 800-172. For contractors handling CUI under nation-state threat.
What "AI handles CUI" means
If any of these are true, AI is in your CMMC scope:
- AI tool reads CUI to generate output
- AI tool writes CUI as part of output
- AI tool stores CUI in caches, logs, or training data
- AI vendor's infrastructure processes, stores, or transmits CUI (including transient copies that exist only while a request is being served)
This means the AI tool needs to satisfy the relevant CMMC controls applicable to processing, storing, or transmitting CUI.
The cleanest paths
Path A: AI services explicitly designed for CUI.
Several vendors offer AI services that can be authorized for DoD CUI. Check the specific service's FedRAMP and DoD impact level (IL4/IL5) status, not just the cloud region it runs in:
- Microsoft Azure OpenAI Service via Azure Government (some configurations)
- AWS GovCloud-based AI services
- Specialized defense-focused AI vendors (Palantir, Anduril, etc.)
Path B: On-premise or private-cloud AI.
Self-hosted models running on your own CUI-compliant infrastructure. Open-source models (Llama, Mistral, etc.) deployed inside your CUI environment.
This requires more engineering investment but gives complete control over the data path.
Path C: AI on de-identified data only.
If you can remove the CUI content itself before AI processing (not just the CUI markings; stripping a banner does not change what the data is), the AI may be out of CMMC scope. The de-identification step is itself in scope (it's CUI processing), but downstream AI is not.
This works for specific use cases (e.g., classifying generic queries) where the CUI elements can be removed.
Paths that don't work for CUI
Consumer AI services (ChatGPT, Claude.ai, etc.). Don't meet CMMC L2 requirements. Don't put CUI into these.
Commercial enterprise AI services without GovCloud/Azure Gov. Generally not authorized for CUI. Always confirm with the vendor before assuming.
AI vendors that train on inputs. Even with appropriate contracts, training on CUI inputs is operationally risky and usually contractually prohibited.
"We'll use AI but mask the sensitive parts" without verification. Masking is a workable strategy if the output is rigorously verified before it leaves the enclave. Without verification, you'll end up with assessment findings, and potentially a CUI spill.
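Path C above and the masking caveat both come down to one control: de-identify inside the enclave, then have an independent check confirm the result before anything is released, and refuse to release on any residual hit. The following is an added illustration written for this guide, not code from any vendor or from the CMMC program. The marking patterns, the denylist terms, and the two sample documents are constructed for the example; the contract-number regex assumes the 13-character DoD procurement instrument identifier layout, and all of these are assumptions to replace with your own program's data.

```python
"""
De-identify text before it leaves the CUI enclave for an out-of-scope AI
service, independently verify the result, and fail closed.

Added example for this guide (not vendor or CMMC program code). Patterns,
denylist, and sample documents are constructed; adjust to your own data.
"""
from __future__ import annotations

import hashlib
import json
import re
from datetime import datetime, timezone

# Rules the redactor applies (constructed for the example).
PATTERNS = {
    # Banner/portion markings such as "CUI//SP-CTI" or "(CUI)".
    "cui_marking": re.compile(r"\(?\bCUI\b\)?(?://[A-Z/-]+)?"),
    # 13-char PIID: 6-char DoDAAC, 2-digit FY, 1-letter type, 4-char serial
    # (assumed layout; e.g. W912DQ-24-C-0017).
    "contract_piid": re.compile(r"\b[A-Z0-9]{6}-?\d{2}-?[A-Z]-?[A-Z0-9]{4}\b"),
    "email": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
}

# Program terms that are CUI in context (constructed denylist for the redactor).
DENYLIST = {"Project Tidewater", "Site Bravo"}

# The verifier keeps its own, separately maintained keyword list so a gap in
# the redactor's phrase list is not automatically a gap in the check.
DENY_TOKENS = {"tidewater", "bravo"}


def redact(text: str) -> tuple[str, dict[str, int]]:
    """Replace every rule match with a typed placeholder; return counts per rule."""
    counts: dict[str, int] = {}
    for name, rx in PATTERNS.items():
        text, n = rx.subn(f"[{name.upper()}]", text)
        counts[name] = n
    for term in DENYLIST:
        text, n = re.subn(re.escape(term), "[DENYLIST]", text, flags=re.I)
        counts["denylist"] = counts.get("denylist", 0) + n
    return text, counts


def verify_clean(text: str) -> list[str]:
    """Independent re-scan of redacted text. Empty list means clean."""
    hits = [name for name, rx in PATTERNS.items() if rx.search(text)]
    words = set(re.findall(r"[a-z]+", text.lower()))
    hits += sorted(f"token:{t}" for t in DENY_TOKENS if t in words)
    return hits


def prepare_for_ai(doc: str, user: str) -> dict:
    """Redact, verify, and build an audit record. Text is released only if verification is clean.

    The audit record carries a hash of the input, never the input itself, so the
    log does not become CUI media (3.3 logging without creating a 3.8 problem).
    """
    redacted, counts = redact(doc)
    residual = verify_clean(redacted)
    released = not residual
    audit = {
        "ts": datetime.now(timezone.utc).isoformat(),
        "user": user,
        "input_sha256": hashlib.sha256(doc.encode()).hexdigest(),
        "redactions": counts,
        "residual": residual,
        "released": released,
    }
    return {"text": redacted if released else None, "audit": audit}


# Constructed sample documents.
SAMPLE_OK = (
    "CUI//SP-CTI\nUnder contract W912DQ-24-C-0017, Project Tidewater delivers "
    "the analytics module. Questions to j.doe@example.mil."
)
# Here the redactor's phrase list misses a bare "Tidewater"; the verifier catches it.
SAMPLE_LEAK = (
    "Under contract W912DQ-24-C-0017, Project Tidewater is behind; "
    "the Tidewater test range at Site Bravo is unavailable."
)

if __name__ == "__main__":
    for doc in (SAMPLE_OK, SAMPLE_LEAK):
        print(json.dumps(prepare_for_ai(doc, "analyst1"), indent=2))
```

The design point is the split between `redact` and `verify_clean`: the verifier is not a re-run of the redactor, it uses its own rules, and the only path to release is an empty residual list. The second sample shows why that matters: the phrase-level denylist cleans "Project Tidewater" but leaves a later bare "Tidewater", and the gate holds the document back with the reason recorded.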
Specific control mappings
CMMC L2 has 110 controls. AI usage primarily affects:
3.1 (Access Control): AI tools need access controls aligned to the rest of your CUI access. Authentication, authorization, audit.
3.3 (Audit and Accountability): AI tool usage must be logged. Who accessed CUI via AI, when, what they did with it.
3.4 (Configuration Management): AI tools count as system components. Configuration baselines, change management, etc.
3.5 (Identification and Authentication): Multi-factor authentication for AI tools that access CUI. No shared accounts.
3.6 (Incident Response): AI tool incidents (data leak, model output containing CUI, vendor breach) need response plans.
3.8 (Media Protection): If AI outputs are stored (logs, cached responses), the storage is CUI media.
3.11 (Risk Assessment): AI tools need to be in your risk assessment. Threats, likelihoods, mitigations.
3.12 (Security Assessment): AI tool security is in scope of your assessment.
3.13 (System and Communications Protection): AI traffic encrypted with FIPS-validated cryptography (3.13.11), boundary protection for the AI data path (3.13.1), vendor security posture.
3.14 (System and Information Integrity): AI vendor's vulnerability management, your monitoring.
The DoD CMMC Level 2 Assessment Guide walks through each requirement and the assessment objectives behind it. AI tools need to be mapped explicitly against those objectives, not folded into a generic "cloud services" line.
What veteran-owned contractors should do
Steps that apply to most:
1. AI vendor inventory. Add to your standard vendor inventory. Each vendor: what they do, what data they touch, contract status.
2. Categorize each AI vendor by CUI scope. In CUI scope or out? Be explicit.
3. For in-scope vendors, verify CMMC compatibility. Get vendor's compliance documentation. Don't assume.
4. Documentation. Each in-scope AI vendor needs:
- Contract with appropriate data handling terms
- Compliance documentation (FedRAMP authorization, etc.)
- Audit logging configured
- User access controlled and logged
- Incident response plan covering vendor breaches
5. Train staff. Anyone with AI access needs to know what's CUI and what's not, and what AI tools they can put CUI into.
6. Annual review. AI vendor landscape changes. Review at least annually.
A specific veteran-owned scenario
You're an SDVOB IT services prime supporting a DoD program. Your team uses AI for:
- Internal communications (no CUI): commercial Claude/ChatGPT enterprise is fine
- Documentation drafting (some CUI): Azure OpenAI via Azure Gov, with audit logging
- Code review (CUI source code): self-hosted models in your CUI enclave
- Customer support (general, no CUI): commercial AI is fine
What auditors look at
CMMC assessors increasingly ask about AI specifically:
- "What AI tools does your organization use?"
- "Which AI tools handle CUI?"
- "Show me the access logs for AI tool usage on CUI."
- "Walk me through your incident response for an AI vendor breach."
- "What's your policy on AI training data?"
What's different in 2026
Two things to know:
1. CMMC 2.0 is in full implementation. Phased rollout is happening through 2026-2028. The DFARS clause (252.204-7021) is appearing in solicitations. If you're a defense contractor, this is real.
2. DoD AI guidance is maturing. Memos and DFARS guidance specific to AI in DoD context are appearing. The "we'll figure it out later" window is closing.
If your contract terms reference CMMC and you use AI on CUI, you need a defensible compliance posture now, not after the next assessment.
What if you're not yet a defense contractor?
If you're a veteran owner considering defense work:
- CMMC L1 is achievable on commercial infrastructure (mostly basic cybersecurity hygiene)
- CMMC L2 requires meaningful investment ($50k-300k for most small businesses, more for larger)
- L2 readiness typically takes 6-12 months from start to assessment
- AI tooling needs to fit into the L2 posture from the start, not be added after
The bottom line
CMMC + AI is workable. The cleanest path is using AI services explicitly designed for the DoD context (Azure Gov, AWS GovCloud, defense-focused vendors). Commercial AI services generally don't work for CUI.
The cost of doing it right is real but manageable. The cost of doing it wrong is losing contract eligibility, and an inaccurate affirmation of compliance carries False Claims Act exposure.
For veteran-owned contractors, the discipline of CMMC actually aligns well with operational discipline you already have. The framework is documentation, access control, audit, incident response. Familiar territory.
Not legal advice. Get CMMC-experienced counsel and consider working with a CMMC C3PAO (assessor organization) before formal assessment.
Frequently asked questions
Do I need CMMC Level 2 if I just bid on a DoD contract?
Depends on the contract. CUI-handling contracts require L2. FCI-only contracts can be L1. Bidding alone doesn't require certification, but performing the contract does.
Can I use ChatGPT or Claude.ai for DoD work?
For non-CUI work: generally yes, with enterprise terms and standard security hygiene. For CUI work: no. Use an AI service with FedRAMP Moderate (or equivalent) authorization as DFARS 252.204-7012 requires for cloud handling of CUI, or run models on-premises inside your CUI environment.
How much does CMMC L2 readiness typically cost?
$50,000-300,000 for small businesses depending on starting posture and complexity. Includes documentation, security tooling, assessment fees, and remediation. AI tooling that touches CUI adds to the cost.
Does CMMC apply to subcontractors?
Yes, in most cases. CMMC flows down through subs that handle CUI or FCI. As a sub, your CMMC level needs to match what your contract requires.
How often does CMMC assessment happen?
Initial assessment, then re-assessment every three years for L2. Plus annual self-affirmation of continuing compliance. Material changes between assessments may require updates.
Need help implementing this?
//prometheus does onsite AI consulting and implementation in Milwaukee. We set it up, train your team, and make sure it works.