The CORL VRM process and project management is exceptional. I have not worked with a vendor that has been so on top of it and so responsive. It takes a lot of stress off of us to not worry about how things are moving forward - we can focus on what we hired CORL for and not worry about the operational logistics.
Everyone in our health system understands the value of CORL. We have cancelled contracts and not proceeded with vendors based on their security risk assessment results. Now we have our business asking to run a CORL review before they buy.
We are really able to scale our third-party monitoring now. Before CORL, we only performed assessments on new vendors or certain vendors we felt were high risk - very arbitrary. Now we have a much more structured approach on assessing our existing vendors - a part of our third-party risk management program that we hadn’t addressed before.