WHY CORL?

For a long time I was one person trying to assess 60 vendors, leaving 20-30 vendors out due to time constraints or urgent matters. The CORL VRM services are invaluable to me because through them, I have a team to enable me to get my work done. Being able to have our VRM program in the state it is now would have been impossible without CORL.

From a dollars-and-cents perspective, we don’t have another application in place from a security standpoint that provides as much bang for the buck as CORL does.

We score big points with our Board, our Audit Committee, our auditors, and our risk assessment professionals by using CORL for an objective review of our vendors. Using CORL just takes the heat off of us with auditors, assessors, and our cybersecurity-conscious Board. Frankly, this helps me sleep at night.

CORL is exceptionally valuable. Looking at the email traffic, I know if CORL wasn’t doing it, it would be me or another member of our team. The amount that it has freed us up to do other things, absolutely a 5 out of 5-star rating.

The value-add CORL brings is scalability to execute our VRM program. We need a partner because our internal teams can’t scale and be as robust as the CORL platform. CORL provides great customer service, is willing to work with us to continue to efficiency, and they provide quality reports and a view that our people can consume and take action on. Deliverables that identify the risk, that communicate to vendor and to the Business, and we can all do something about it.

CORL is extremely valuable because a) you provide a service we would have a hard time doing ourselves as a small shop. You are an FTE augmentation, and I consider you my employees working on my behalf, so CORL becomes my team of ~100 people, and b) the CORL methodology and the thoroughness is very much in tune with my background in the financial services industry, where I built third-party assessment programs.