LLMs changed the federal AI conversation overnight, but the compliance machinery did not. A model that works in a commercial tenant still needs an ATO (authority to operate), a control mapping, a data-flow diagram, and a defense against the prompt-injection class of attacks, which didn't exist when NIST 800-53 Rev 5 was drafted. The posts below document that mapping work so the next team doesn't have to do it cold.
If you're deploying to a federal customer, start with the FedRAMP deployment map to pick your model host, then use the NIST 800-53 and prompt-injection pieces to build the security package. The RAG architecture post covers the retrieval layer that most federal LLM use cases actually need.