About Us
Independent IT Audit and Compliance Leadership
Founded in 2001, Coalfire is a fast-growing IT Governance, Risk and Compliance (IT GRC) firm, serving as a trusted advisor and IT GRC tools provider to security-conscious leaders in Retail, Financial Services, Healthcare, Hospitality, Higher Education, Government and Utilities. We help our clients recognize and control IT-related risks and maintain compliance with all major industry and government standards.
Our Company History
We’ve been in the IT security business for as long as it has existed. One of our first clients was a major credit card processor that was compromised by a major cyber attack. We investigated the breach, uncovered the root causes and helped create a controls program that protects our client to this day. More importantly, that firm is now a recognized leader among its peers and continues to successfully protect itself against increasingly sophisticated (and daily) attacks.
Today, Coalfire serves thousands of clients across North America, with offices in Dallas, Denver, New York City, Los Angeles, San Francisco and Seattle. Soon, we'll open offices in Atlanta and Chicago. We are privately held by our co-founders and a small group of outside investors, which now includes Baird Venture Partners. We're growing rapidly, hiring additional talent, and investing in Navis, Coalfire's cloud-based compliance management solution.
Our Mission and Core Beliefs
Simply stated, Coalfire exists because of four fundamental beliefs:
1. IT risks (a.k.a. cyber threats) are real and the risks are multiplying.
2. As a result, most organizations face increasing industry and regulatory demands.
3. A well-designed, well-maintained IT GRC program is your best line of defense.
4. Compliance can only be verified via an independent assessment.
Coalfire’s continuing mission is to provide knowledge, tools, guidance and independent assessment services to all organizations worth protecting.
Credentials and Affiliations
- Associate Business Continuity Professional (ABCP)
- Certified Disaster Recovery Planner (CDRP)
- Certified in the Governance of Enterprise IT® (CGEIT®)
- Certified Information Security Assessor (CISA)
- Certified Information Security Manager® (CISM®)
- Certified Information Systems Security Professional (CISSP)
- Certified Internal Auditor® (CIA®)
- Certified Business Continuity Professional (CBCP)
- FedRAMP Accredited Third Party Assessment Organization (3PAO)
- GIAC Penetration Tester (GPEN)
- Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) Assessor
- National Society of Accountants (NSA)
- PCI SSC Approved Scanning Vendor (ASV)
- PCI SSC Qualified Security Assessor Company (QSAC)
- PCI SSC Payment Application Qualified Security Assessor (PA-QSA)
- PCI SSC Payment Application Qualified Security Assessor Point-to-Point Encryption (PA-QSA P2PE)