CORL provides industry-leading Managed Services for security, privacy, and compliance programs.

Vrsm Icon


CORL’s flagship tech-enabled managed service offering for Vendor Risk Management provides the people, processes, data, and technology integration that scales your program and delivers results.

Onsite Audits Icon


CORL’s Onsite Audit Managed Services help organizations conduct physical security audits for critical and high-risk vendors. Working as an extension of your third-party risk management team, CORL conducts thorough analysis of vendor security postures including the following activities:

    • Physical walk-throughs of operating facilities, data processing locations, data centers, and more
    • Inspection and validation of security controls implementation
    • Review of vendor security practices for alignment with contractual and regulatory obligations

Onsite audits are delivered as an on-demand service to support extending the reach of your team to vendors across the globe.

Inventory Management Icon


CORL’s Business Associate Agreement (BAA) inventory compliance managed services help healthcare entities get their BAA’s up to date and compliant with HIPAA and OCR regulatory mandates.

  • How confident are you that all your Business Associates have up-to-date Business Associate Agreements (BAAs)?
  • Are your BAAs current with HITECH requirements?
  • Is your inventory up to date with OCR’s BAA guidance and ready to be produced upon investigation?

CORL’s BAA managed services will cost effectively:

  • Inventory actual and potential BAs from your vendor master list
  • Identify missing or out-of-date Business Associate Agreements
  • Reach out to BAs on your behalf to get all required documentation and BAAs updated


4Phases OurApproach
Quote Icon

As a Vice President and Security Officer, CORL's MARRS Service is valuable and has certainly made life easier for me. Before working with CORL, a lot of security compliance questionnaires were falling on me and taking up a lot of my time.

– Vice President and Security Officer
Quote Icon

CORL is a ‘force multiplier’ for our InfoSec Program. It is not possible for us to accomplish at this level, with this amount of efficiency, on our own. Even if we had an FTE... It would take a year or more, where CORL can do it in a month. We cannot reproduce this in-house.

– Information Security Leader
Quote Icon

CORL is an excellent partner. Their data presentation was exceptional, and I like that they are leveraging the power of big data to make risk decisions and look at trends across different industries in healthcare, as there are things we may overlook or not know to focus on.

– Information Security Director