Supplier FAQs for CBRE/ACS

How secure is the information I provide?

Security is a central and integral part of our operations and is weaved into every aspect of our business. We recognize the importance of keeping all information secure and that it is vital to guard against threats such as hacking, viruses, denial of service, brute force, spoofing/splitting/smuggling, session hijacking, injections, cross-site scripting, and numerous other threats.

Achilles utilizes Amazon Web Services (AWS) to store and secure our client's data. AWS is ISO 27018 compliant. For more information regarding AWS security, please visit AWS Cloud Security.

Please note that Achilles does not store credit card information or Personally Identifiable Information (PII).

I am having trouble completing the online enrollment form.

Please create a Support Ticket.

I have completed my enrollment but have not received my credentials.

You will receive an email within 24 hours of completing your enrollment. If you have not received the email, please check your spam folder and if it has not been received, create a Support Ticket.

I have submitted new or revised documents and my account has not been updated.

All documents are updated within 48 hours of submission. If your account has not been updated, please create a Support Ticket.

My company has been rated as "Non-Compliant", what should I do?

If your company has been notified that it is Non-Compliant for your CBRE/ACS risk assessment, the first step is to log into your company's Veritas Supplier Portal and view the current risk aassessment for your company. By reviewing the assessment, you will know exactly why your company has failed the risk assessment. Depending on the deficiency, it may be correctable. If you require further clarification regarding the deficiency, please create a Support Ticket.

Why is my company being requested to participate in this risk assessment program?

This Supplier Risk Assessment Program is a key component in how companies manage supplier risk. To effectively manage risk to CBRE/ACS, the program requires certain types of information, such as certificates of insurance, be collected. While you may have provided your client such information previously, your client is requesting your active participation in the program to better align it with supplier risk management industry best practices.

Why is my company being charged an enrollment fee?

There is a cost to obtain the information required to ensure your company’s financial stability and compliance with federal laws as well as for the collection and management of your company’s documentation such as insurance certificates and tax documents. CBRE/ACS is requesting that its suppliers share in the expense as a cost of doing business.

What benefits does my company receive for paying to participate in my client's program?

In most cases, participation in the CBRE/ACS risk assessment program will allow you to continue to conduct business with your CBRE/ACS as an "Approved Supplier". Our secure web based system provides you with an easy method of providing the essential documents your CBRE/ACSneeds to conduct business with your company. In addition, our web based system will allow you to view your company's current risk status to determine if there is any erroneous or outdated information reported about your company.

Can I see the risk assessment results for my company?

Achilles highly recommends that you view your company's risk assessment for any erroneous or outdated information. Much like pulling an individual credit report, it is a good business practice to know what is being reported about your company. Your company can review its report by logging into your Veritas Supplier Portal.

What if my company chooses not to complete the risk assessment?

Our clients "invite" their suppliers to participate in the Achilles Supplier Risk Assessment Program. In most cases, our clients exclude suppliers who do not participate in their Achilles Supplier Risk Assessment Program from their listing of "Approved Suppliers". If your company chooses not to participate, CBRE/ACS will determine whether to engage in future work with your company.

I have not done business with this client in a long time, why should I enroll?

While our clients value the relationship with your company, it is ultimately your internal business decision as to whether you wish to participate in the risk assessment program and maintain an ongoing relationship CBRE/ACS

My company already has been assessed by one of our other clients, do we need to be assessed again?

Yes, your company must be assessed for each of your clients that has implemented the Achilles Supplier Risk Assessment Program as every client has its own unique risk ratings. In addition, Achilles provides each client with the most up to date information possible.