Don't take the names seriously. These are just tags.
If the COR applied on an incoming dial-peer (for incoming calls) is a super set or equal to the COR applied to theoutgoing dial-peer (for outgoing calls), the call goes through. Incoming and outgoing are terms used with respect to the "voice ports". COR is often described as a lock and key mechanism. Locks are assigned to dial peers with an outgoing COR list. Keys are assigned to dial peers with an incoming COR list.
Simply when you want to restrict dial-peer access to certain DN, you need to apply corlist first to DN (towards incoming dial-peer) and then to outbound POTS dial-peers.
Now DN can access the outbound dial-peer only if corlist on DN is the superset of corlist under outbound dial-peer. Make sense?
Also note that if corlist is not applied to DN or dial-peers, they don't involve in corlist restrictions and selectable by anyone.
Coming back to your case, when we apply corlist incoming restrict to DN (inbound dial-peer) and 'corlist outgoing allowed' to all outbound dial-peers, that respective DN won't be able to make any external call since corlist incoming is not the superset of outbound cor list (incoming corlist restrict only includes security tag whereas outgoing corlist on outbound dial-peers include both security and executive tag).
Now you don't need to apply corlist to any other DN which you don't want to restrict for making PSTN calls. As I mentioned before, when corlist is not applied either to inbound or outbound dial-peer, that call doesn't qualify for corlist restriction.
At the end, apply 'corlist incoming restrict' to only those DN which you want to restrict from making PSTN calls. Don't apply corlist to DN which you don't want to restrict. Apply 'corlist outgoing allowed' to all outbound POTS dial-peers and 'corlist incoming allowed' to inbound POTS dial-peer.
I will suggest you to go through following document to get over the corlist concept;
http://www.cisco.com/c/en/us/support/docs/voice/call-routing-dial-plans/42720-configuring-cor.html
