
CORL provides industry-leading Managed Services for
security, privacy, and compliance programs.


VENDOR RISK MANAGEMENT
CORL’s flagship tech-enabled managed service offering for Vendor Risk Management provides the people, processes, data, and technology integration that scales your program and delivers results.


MANAGED ASSESSMENT RISK & RESPONSE SERVICES (MARRS)
MARRS is CORL’s assessment response managed service designed to help vendors respond effectively to customer security audits.

Let CORL handle all of your security assessment responses.
- Security and IT teams are over-burdened with completing security questionnaires
- Sales may be lost or delayed for months while waiting for information to be gathered and prepared
- Companies have little to no insight into how their security reputation can negatively impact sales
The MARRS Advantage | Our managed assessment response services include:
- Streamlined responses to customer security assessments
- Effective and timely communication
- Alignment with industry standards (NIST, SIG, ISO)
- Ready access to supporting documentation
- Quality assurance and reporting
- Monitor changes in risk and security reputation
- Standard profile response in 10 days or less
- Feedback and guidance to improve your security reputation


ONSITE AUDIT MANAGED SERVICES
CORL’s Onsite Audit Managed Services help organizations conduct physical security audits for critical and high-risk vendors. Working as an extension of your third-party risk management team, CORL conducts thorough analysis of vendor security postures including the following activities:
-
- Physical walk-throughs of operating facilities, data processing locations, data centers, and more
- Inspection and validation of security controls implementation
- Review of vendor security practices for alignment with contractual and regulatory obligations
Onsite audits are delivered as an on-demand service to support extending the reach of your team to vendors across the globe.

BUSINESS ASSOCIATE AGREEMENT INVENTORY MANAGEMENT
CORL’s Business Associate Agreement (BAA) inventory compliance managed services help healthcare entities get their BAA’s up to date and compliant with HIPAA and OCR regulatory mandates.
- How confident are you that all your Business Associates have up-to-date Business Associate Agreements (BAAs)?
- Are your BAAs current with HITECH requirements?
- Is your inventory up to date with OCR’s BAA guidance and ready to be produced upon investigation?
CORL’s BAA managed services will cost effectively:
- Inventory actual and potential BAs from your vendor master list
- Identify missing or out-of-date Business Associate Agreements
- Reach out to BAs on your behalf to get all required documentation and BAAs updated
OUR APPROACH
