CMMC Made Simple with SOLACE GUAM

We start by identifying what type of information your company handles:

• FCI (Federal Contract Information) → CMMC Level 1

• CUI (Controlled Unclassified Information) → CMMC Level 2
  Our experts assess your current environment to determine the appropriate level for your organization.

SOLACE GUAM performs a full review of your existing cybersecurity controls to identify compliance gaps.
We provide a clear report showing what is already compliant and what still needs improvement.

We create a detailed roadmap listing every missing control, responsible person, and completion timeline — ensuring a clear path toward full compliance.

Our team helps you implement all required security practices:

• Level 1: 17 basic practices (FAR 52.204-21)

• Level 2: 110 controls (NIST SP 800-171)
  Including:
  ✅ Multi-Factor Authentication (MFA)
  ✅ Data Encryption
  ✅ Secure Access Controls
  ✅ Antivirus & Patch Management
  ✅ Physical Security & Visitor Logs

We create and organize all the necessary documentation for your CMMC compliance:

• System Security Plan (SSP)

• Incident Response Plan

• Access Control Policy

• Configuration Management Plan

• Training Records & Visitor Logs

We provide CMMC Level 1 or Level 2 Training for your employees.
Our sessions ensure that all staff understand cybersecurity best practices and compliance responsibilities.

Before the official certification, SOLACE GUAM conducts an internal review to verify all controls are in place and working correctly.
We fix any non-compliance issues to ensure your company is fully ready for assessment.