“I rate the value of CORL as a 5 out of 5. We don’t have the ability to do this in-house, period. The depth of work that is put into the process would requires us to have a few staff. It’s extremely valuable to have CORL and we definitely use CORL as an extension of our team. I simply cannot replace the amount of work and value CORL provides.”

— Director of Information Security Compliance

“We are really able to scale our third-party monitoring now. Before CORL, we only performed assessments on new vendors or certain vendors we felt were high risk – very arbitrary. Now we have a much more structured approach on assessing our existing vendors – a part of our third-party risk management program that we hadn’t addressed before.”

— Senior Risk and Compliance Manager

“CORL is exceptionally valuable for an insanely great price point. Thinking about the work effort alone, I would have to double my team or lose my mind. I would need another 4- or 5-person team to manage the ~980 vendor relationships.”

— Information Security Officer

“The value-add CORL brings is scalability to execute our VRM program. We need a partner because our internal teams can’t scale and be as robust as the CORL platform. CORL provides great customer service, is willing to work with us to continue to efficiency, and they provide quality reports and a view that our people can consume and take action on. Deliverables that identify the risk, that communicate to vendor and to the Business, and we can all do something about it.”

— Director of Enterprise Information Security Office