CoalfireOne℠ - Key Components

A powerful platform for managing cyber risk and compliance

Developed and used by our own assessors, CoalfireOne provides a single place to access configured assessment types tailored by our practice experts to fit each customer’s needs.. CoalfireOne is our flagship cloud platform that includes:


Access all of your projects from company and project-specific dashboards. Keep track of project specific action items, manage priorities and workload, and project schedule risks. Review product updates and industry news, leverage real-time notifications and alerts.

Document Management

Easily manage documents and evidence through a secure document library. The document libraries are integrated with other features, like action items, to make associating your documents to regulatory requirements easy.

Action Items

CoalfireOne makes it easy to stay on-task with full visibility into what’s needed to satisfy assessment requirements and regulatory controls on a per-project basis. Stay on top of action items such as document collection, project constraints, and asset collection and classification. With full support for requirement classification, work assignment and approval workflow, your assessment tasks will be easier to complete.


Upload assets so that you can easily quantify and group them within scope for your project. Once imported into CoalfireOne, the assets can be referenced for data collection and reviews.


Optimize meeting management and resourcefulness. With meeting management all users involved in your project can review the topics and associated controls that will be assessed during remote and on-site meetings. Project managers can assign meeting attendees to maximize the best use of time, resources and expertise.

Status Messages and Notifications

Receive immediate or daily digest notifications of work that has been assigned to you. Inline links provide direct access to the specific items that require your action.

Comments and Mentions

Make comments and directly mention users on action items. Seamlessly communicate with other assessment members in a single platform, without the need to track and manage emails. All comments and mentions are available to all users so anyone can provide responses and assist in faster resolution.

Help and Guidance

Self-help is simplified by offering users access to online resources within CoalfireOne. Additionally, our action items contain guidance so users will understand exactly what is required to satisfy the requests.

Expertise and Support - Helping You Comply and Manage Risk

The CoalfireOne Services Group helps you understand compliance and what you can do to manage risk. Our ScanDesk team members are certified ASVs, here to assist you as you navigate the various PCI SSC scanning requirements. Additionally, we are here to help you not only address the identified vulnerabilities in need of remediation, but also to provide support on any PCI SSC inquiries. Whether you need assistance determining scope or you have scanning questions, the ScanDesk is here for you.