Most organizations approaching CMMC 2.0 treat it as a documentation exercise. They assemble policy binders, write system security plans, and stand up a shared drive of screenshots. Then the assessor arrives โ and asks them to demonstrate the control, live, and produce an audit trail proving it has been running. That is where the binder stops helping.
You don't fail CMMC 2.0 on controls. You fail on proof. This piece covers what CMMC 2.0 actually requires, the recurring ways organizations fall short, the new blind spot the framework predates โ AI agents and non-human identities touching CUI โ and how RuntimeAI closes the gap as one platform: Identity, Security, Governance, Audit, and continuous compliance.
What CMMC 2.0 Actually Is
CMMC โ the Cybersecurity Maturity Model Certification โ is the U.S. Department of Defense's program for verifying that companies in the Defense Industrial Base adequately protect sensitive government information. Version 2.0 streamlined the original five-level model into three, and anchored the requirements to existing NIST standards rather than a bespoke control set.
The two categories of information that drive scope:
- FCI (Federal Contract Information): information provided by or generated for the government under a contract, not intended for public release.
- CUI (Controlled Unclassified Information): information the government requires to be safeguarded โ technical data, specifications, and the like. Handling CUI is what pushes an organization into the higher, assessed levels.
The three levels:
- Level 1 โ Foundational: 17 basic safeguarding practices for FCI, met via annual self-assessment.
- Level 2 โ Advanced: the 110 security requirements of NIST SP 800-171, for organizations handling CUI. For prioritized acquisitions this requires a third-party assessment by a C3PAO (Certified Third-Party Assessor Organization) every three years.
- Level 3 โ Expert: Level 2 plus a subset of NIST SP 800-172 enhanced requirements, assessed by the government, for the highest-priority programs.
The NIST SP 800-171 requirements are organized into 14 control families โ Access Control (AC), Audit and Accountability (AU), Configuration Management (CM), Identification and Authentication (IA), Incident Response (IR), System and Communications Protection (SC), System and Information Integrity (SI), Security Assessment (CA), Risk Assessment (RA), and five more. A Level 2 assessment is not a paperwork review: the C3PAO expects to see the control operating and the evidence that proves it.
Why Organizations Fail โ Evidence, Not Controls
The recurring failure modes in CMMC preparation rhyme with one another, and they all reduce to the same root cause.
The system boundary and asset inventory drift as the environment changes. Assets that store, process, or transmit CUI get missed; the diagram no longer matches reality. Inaccurate scoping undermines every downstream control โ you cannot protect, or prove you protect, what you did not enumerate.
The policy says logs are reviewed daily; the record shows weekly. The moment day-to-day operations contradict documented procedure, the control fails โ not because the control is wrong, but because there is no trustworthy evidence it runs the way the paperwork claims.
When responsibility for a control is split across a managed service provider, a cloud provider, and the contractor, and nobody has drawn the line explicitly, the control falls through the crack. Shared-responsibility ambiguity is one of the most common ways a requirement quietly goes unmet.
Standard application logs in a mutable store do not satisfy an assessor who needs to reconstruct what happened, months later, and trust that the record was not altered. Without a durable, tamper-evident audit trail, "we did the right thing" is an assertion, not evidence.
Different findings, one root cause: you cannot demonstrate, on demand, what your systems did โ and you cannot prove the evidence wasn't touched.
The Blind Spot the Checklist Predates: AI in Your CUI
Now add the part written before AI arrived in the enterprise. The fastest-growing actors inside these environments are non-human: AI copilots, automation service accounts, MCP tools, and agent API tokens. They increasingly read and move CUI โ and they almost never appear in the scope boundary.
They have no configuration baseline. Their credentials are rarely scoped or short-lived. Their actions seldom land in an audit trail an assessor would accept. A valid token doing invalid things looks exactly like normal traffic. That is a live gap across Access Control (AC), Identification and Authentication (IA), Audit and Accountability (AU), and Configuration Management (CM) โ sitting in the one place nobody inventoried. As AI adoption accelerates inside the Defense Industrial Base, this is the gap that will turn a "we passed last cycle" into a finding.
How RuntimeAI Maps to CMMC โ One Platform
RuntimeAI deploys as a control plane over your existing AI and application infrastructure โ no model changes, no data migration. It is Identity + Security + Governance + Audit + Continuous Compliance in one platform, and each capability maps directly to the CMMC / NIST SP 800-171 control families. The table shows the mapping.
| RuntimeAI Control | CMMC / 800-171 Family | Compliance Capability |
|---|---|---|
| Know Your Agent (KYA) | AC ยท IA | Scoped, least-privilege credentials and an immutable inventory for every AI agent and non-human identity. The asset list stops being a spreadsheet โ every actor touching CUI is identified, authenticated, and baselined. |
| Runtime Guardrails / AI Firewall | SC ยท SI | Input/output policy on every agent call โ prompt-injection defense, egress control, and content inspection at the boundary. Protects the integrity of the system and the communications flowing through it. |
| Control Plane | CM ยท AC | Policy enforced at runtime, not at deploy time. Every tool call, MCP message, and cross-tenant request is policy-checked in milliseconds against a documented baseline โ configuration and access enforced continuously. |
| Kill Switch | IR | Terminate a hijacked agent or a rogue workload in under 10 milliseconds. Containment as an operable, tested function โ the incident-response capability an assessor asks you to demonstrate, not describe. |
| Immutable Audit (PQ-Sign) | AU | A post-quantum, tamper-evident audit trail with a cryptographic chain of custody. Decision-level detail, retained and exportable in assessor-ready form. The record cannot be altered after the fact. |
| Continuous Compliance | CA ยท RA | Always-on evidence and posture monitoring against your control set โ not a once-a-year scramble. Risk signals escalate; drift is caught between assessments, not discovered during one. |
| PQ Data Security (QuantumVault) | SC | Tokenization and post-quantum encryption (ML-KEM / ML-DSA, FIPS 203/204) for CUI at rest and on the wire. Format-preserving where operational utility is required. |
| 60+ Framework Mapping | Cross-framework | Map your controls once and satisfy many regimes โ CMMC, NIST SP 800-171, SOC 2, FedRAMP, HIPAA, PCI and more. One evidence layer, 60+ frameworks, no duplicate work. |
Why "Out of the Box"
Most compliance work is a project: months of documentation, control-by-control evidence gathering, and a consulting engagement to assemble it. RuntimeAI inverts that. Because it sits at the identity, enforcement, and audit layer where these controls actually live, the evidence is generated as a byproduct of the platform running โ from day one, not after a documentation sprint completes.
Identity is inventoried the moment an agent registers. Policy enforcement produces an immutable log on every call. The kill switch is a live function, tested on demand. Continuous compliance means the posture dashboard is current between assessments, and the same evidence layer maps across 60+ frameworks โ so a control satisfied for CMMC is already most of the way to SOC 2, FedRAMP, and the rest.
One platform, five jobs.
Identity โ Know Your Agent (KYA): scoped credentials + immutable inventory for every AI agent and non-human identity (AC, IA).
Security โ runtime guardrails, AI firewall, and post-quantum data protection (SC, SI).
Governance โ a control plane enforcing policy at runtime, not deploy time (CM, AC).
Audit โ a post-quantum, tamper-evident trail with decision-level detail (AU).
Continuous Compliance โ always-on evidence across 60+ frameworks, plus a sub-10ms kill switch for containment (CA, RA, IR).
The RuntimeAI Take
We are not replacing your GRC stack, your C3PAO, or your vCISO โ that is the front door, and it is doing its job. We tell every customer that. What RuntimeAI adds is the layer the framework was written before: identity, enforcement, and assessor-grade evidence for the AI agents and non-human identities that now move CUI, made continuous instead of a once-a-year scramble.
CMMC 2.0 rewards organizations that can prove their controls run. The scope is bounded โ 14 control families, a defined set of NIST SP 800-171 requirements, and an assessor who wants to watch the control work. The gap between where most organizations are and where they need to be is smaller than it looks, if the right control layer is already running when the assessor arrives. If AI is entering your CUI environment, the first question to answer is simple: is it in your scope boundary yet?
See CMMC 2.0 Compliance, Out of the Box
Identity, Security, Governance, Audit and continuous compliance in one platform โ mapped to CMMC control families across 60+ frameworks.
Explore RuntimeAIWant to walk your CMMC 2.0 mapping with our team? Book a compliance review
Appendix: Sources & Research Notes
Citations refer to the CMMC Program rule and the underlying NIST standards. Control-family references use the NIST SP 800-171 family abbreviations that CMMC Level 2 is built on.
Primary Sources
- 32 CFR Part 170 โ CMMC Program final rule, U.S. Department of Defense. Establishes the three-level model, assessment types, and C3PAO ecosystem: dodcio.defense.gov/cmmc
- 48 CFR (DFARS) CMMC acquisition rule โ implements CMMC as a condition of contract award, phasing requirements into solicitations.
- NIST SP 800-171 โ Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations. The 110 security requirements across 14 families that CMMC Level 2 assesses: csrc.nist.gov
- NIST SP 800-172 โ Enhanced security requirements for protecting CUI; the basis for CMMC Level 3.
- NIST SP 800-171A โ Assessment procedures: the objectives and evidence an assessor uses to determine whether each requirement is met.
- NIST FIPS 203 / 204 โ Module-Lattice Key-Encapsulation (ML-KEM) and Digital Signature (ML-DSA) standards underpinning RuntimeAI's post-quantum data protection and audit signing.
Control-Family Reference (NIST SP 800-171)
- AC โ Access Control ยท AU โ Audit and Accountability ยท AT โ Awareness and Training ยท CM โ Configuration Management ยท IA โ Identification and Authentication ยท IR โ Incident Response ยท MA โ Maintenance ยท MP โ Media Protection ยท PS โ Personnel Security ยท PE โ Physical Protection ยท RA โ Risk Assessment ยท CA โ Security Assessment ยท SC โ System and Communications Protection ยท SI โ System and Information Integrity.
Research Notes
On assessment as demonstration, not documentation: NIST SP 800-171A defines assessment objectives that an assessor validates through examination, interview, and test. The "test" method is why live demonstration and durable evidence โ not a policy PDF โ determine the outcome for many requirements.
On non-human identity scope: The 800-171 families make no exception for automated actors. Service accounts, API tokens, and AI agents that store, process, or transmit CUI are in-scope assets subject to AC, IA, AU, and CM. Because they are frequently omitted from the asset inventory and system boundary, they are a common source of unaddressed requirements.
On shared responsibility: Under the CMMC model, controls inherited from an external service provider must be documented explicitly โ which are fully inherited, shared, or internally managed โ or they risk being treated as unmet. Cloud service providers handling CUI are generally expected to meet FedRAMP-equivalent requirements.
On "60+ frameworks": RuntimeAI's evidence layer maps a single control implementation to multiple compliance regimes (CMMC, NIST SP 800-171, SOC 2, FedRAMP, HIPAA, PCI DSS, ISO 27001 and others), reducing duplicate evidence collection across audits.