CoalfireOne℠ - Key Components

A powerful platform for managing cyber risk and compliance

Developed and used by our own assessors, CoalfireOne provides a single place to access configured assessment types tailored by our practice experts to fit each customer’s needs.. CoalfireOne is our flagship cloud platform that includes:


Access all of your projects from company and project-specific dashboards. Keep track of project specific action items, schedule timelines, and manage priorities and risks. Ensuring that your projects meet expected dates and results.


Utilizing information that is defined during the environment and scope definition process, our assessors will configure the necessary requirements and controls for your project. By tailoring the project in this way all project members are able to focus on the critical items required for compliance and reporting needs.

Document Management

Easily manage documents and evidence through a secure document library. The document libraries are integrated with other features, like action items, to automatically create relationships to in-scope controls and requirements.

Action Items

CoalfireOne makes it easy to stay on-task with full visibility into what’s needed to satisfy assessment requirements and regulatory controls on a per-project basis. Stay on top of action items such as document collection, project constraints, and asset and evidence collection. Create your own action items and custom fields to manage your internal needs and communicate with your teams. With full support for requirement classification, work assignment and approval workflow, your assessment tasks will be easier to complete.


Upload asset details so sampling groups can more easily be created and communicated within scope for your project. Once imported into CoalfireOne, the assets can be referenced for data and evidence reviews.


Manage meeting and interview scheduling and resource assignments. With meeting management all users involved in your project can review the topics and related controls and requirements that will be assessed during remote and on-site meetings. Project managers can assign meeting attendees to maximize the best use of time, resources and expertise. Leverage the ability to export ICS calendar files and import them into your calendar to stay up to date.


Configure messaging settings for immediate notifications, reminders, or daily digest notifications of work that has been assigned to you. Utilize inline links for direct access to the specific items that require your action.

Comments and Mentions

Make comments and directly mention users on action items. Seamlessly communicate with other assessment members in a single platform, without the need to track and manage emails. All comments and mentions are available to all users so anyone can provide responses and assist in faster resolution.

Help and Guidance

Self-help is simplified by offering users access to online resources within CoalfireOne. Our action items contain important guidance so users will understand exactly what is required to satisfy the requests.

Product support

CoalfireOne makes it easy to request assistance and quickly resolve issues. With easy to use feature request and help request submission forms you can submit help requests without having to leave your project and workflow. CoalfireOne support actively monitors these requests to ensure timely responses because your time is important.

Scanning Support - Helping You Comply and Manage Risk

The CoalfireOne Scanning Services Team (CF1SS) helps you understand compliance and what you can do to manage risk. CF1SS team members are certified ASVs, here to assist you as you navigate the various PCI SSC scanning requirements. Additionally, we are here to help you not only address the identified vulnerabilities in need of remediation, but also to provide support on any PCI SSC inquiries. Whether you need assistance determining scope or you have scanning questions, the CF1SS Team is here for you.