Industry Battlecard

Government Contractors

CMMC 2.0, NIST 800-171, and OMB M-24-10 require AI inventory and risk management. A single CUI leak can suspend a contract.

Shadow AI risk

Cleared and uncleared staff use ChatGPT on documents that may contain CUI or ITAR-controlled data.

Common use cases

  • Proposal writing
  • Technical documentation
  • Code generation
  • Briefing summaries

Compliance impact

CMMC 2.0
NIST 800-171
OMB M-24-10
ITAR / EAR

Conversation starter

"OMB M-24-10 mandates an AI use inventory. Are you ready for your next CMMC assessment to include AI controls?"

Discovery questions

  • Have you scoped AI within your SSP?
  • Which AI tools are FedRAMP-authorized for your environment?
  • How are you preventing CUI from reaching public LLMs?

Recommended collateral

  • GovCon Battlecard
  • CMMC + AI Crosswalk