Third PartyProviderManagementPolicyAnalysisbased on thenature of theengagementFacilitiesMaintenance2020FISJuneBCOFACHitNoRegulatoryperspectiveincluded inannual criticalreporting1,3405.01Upon acompletedFinancialCrimesreviewYesOverallcommentsVRC1'sEvaluationQueue1,069MonthlyThirdParty RiskSummaryOCCBulletin2013-29If 1.01AND 1.17areapplicableCriticals and“WhollyOutsourcedDepartment”sTPRSSmallTeamVicePresidentDelegation21calendardaysRegenerateAnNDACoupaFalseVRCRiskRatingImpacts customersbroadly enough tothreaten marketshare Review the fileposted in the VMOSharePoint siteAnnualReport2/14/2019BlankBCTier@bokf.comIneffective3/26/2019HIPAADecemberHighlatenoticelog-noreply@spfarm.bok.comSupplierNameChangeCommittee100Third PartyProviderManagementStandardNon-USHeadquartersor Non-USOperationsExempt1bPushthroughassignedprogramsAccess@WorkRequestOCC,One3DaysSSAE18,ModeratelyLow3monthsVRC1 –VRO –VRC2, 5BankConfidentialDataBusinessProcessTiersHighest RiskRating of allactiveRelationshipsFinancialCrimesAnyTierHighestInherentRisk ofComplianceRiskCouncilErnstandYoungFormerlycriticalSRM14calendardaysA completedMaterialityAssessmentValueAddedResellerCongaFDRemediationTrackerReportAnyoneCubaSharedSLAsThird PartyProviderManagementPolicyAnalysisbased on thenature of theengagementFacilitiesMaintenance2020FISJuneBCOFACHitNoRegulatoryperspectiveincluded inannual criticalreporting1,3405.01Upon acompletedFinancialCrimesreviewYesOverallcommentsVRC1'sEvaluationQueue1,069MonthlyThirdParty RiskSummaryOCCBulletin2013-29If 1.01AND 1.17areapplicableCriticals and“WhollyOutsourcedDepartment”sTPRSSmallTeamVicePresidentDelegation21calendardaysRegenerateAnNDACoupaFalseVRCRiskRatingImpacts customersbroadly enough tothreaten marketshare Review the fileposted in the VMOSharePoint siteAnnualReport2/14/2019BlankBCTier@bokf.comIneffective3/26/2019HIPAADecemberHighlatenoticelog-noreply@spfarm.bok.comSupplierNameChangeCommittee100Third PartyProviderManagementStandardNon-USHeadquartersor Non-USOperationsExempt1bPushthroughassignedprogramsAccess@WorkRequestOCC,One3DaysSSAE18,ModeratelyLow3monthsVRC1 –VRO –VRC2, 5BankConfidentialDataBusinessProcessTiersHighest RiskRating of allactiveRelationshipsFinancialCrimesAnyTierHighestInherentRisk ofComplianceRiskCouncilErnstandYoungFormerlycriticalSRM14calendardaysA completedMaterialityAssessmentValueAddedResellerCongaFDRemediationTrackerReportAnyoneCubaSharedSLAs

VMeOw - Call List

(Print) Use this randomly generated list as your call list when playing the game. There is no need to say the BINGO column name. Place some kind of mark (like an X, a checkmark, a dot, tally mark, etc) on each cell as you announce it, to keep track. You can also cut out each item, place them in a bag and pull words from the bag.


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
  1. Third Party Provider Management Policy
  2. Analysis based on the nature of the engagement
  3. Facilities Maintenance
  4. 2020
  5. FIS
  6. June
  7. BC
  8. OFAC Hit
  9. No
  10. Regulatory perspective included in annual critical reporting
  11. 1,340
  12. 5.01
  13. Upon a completed Financial Crimes review
  14. Yes
  15. Overall comments
  16. VRC1's Evaluation Queue
  17. 1,069
  18. Monthly
  19. Third Party Risk Summary
  20. OCC Bulletin 2013-29
  21. If 1.01 AND 1.17 are applicable
  22. Criticals and “Wholly Outsourced Department”s
  23. TPRS Small Team
  24. Vice President
  25. Delegation
  26. 21 calendar days
  27. Regenerate
  28. An NDA
  29. Coupa
  30. False
  31. VRC
  32. Risk Rating
  33. Impacts customers broadly enough to threaten market share Review the file posted in the VMO SharePoint site
  34. Annual Report
  35. 2/14/2019
  36. Blank
  37. BCTier@bokf.com
  38. Ineffective
  39. 3/26/2019
  40. HIPAA
  41. December
  42. High
  43. latenoticelog-noreply@ spfarm.bok.com
  44. Supplier Name Change Committee
  45. 100
  46. Third Party Provider Management Standard
  47. Non-US Headquarters or Non-US Operations
  48. Exempt
  49. 1b
  50. Push through assigned programs
  51. Access@Work Request
  52. OCC, One
  53. 3 Days
  54. SSAE18, Moderately Low
  55. 3 months
  56. VRC1 – VRO – VRC2, 5
  57. Bank Confidential Data
  58. Business Process Tiers
  59. Highest Risk Rating of all active Relationships
  60. Financial Crimes
  61. Any Tier
  62. Highest Inherent Risk of Compliance
  63. Risk Council
  64. Ernst and Young
  65. Formerly critical
  66. SRM
  67. 14 calendar days
  68. A completed Materiality Assessment
  69. Value Added Reseller
  70. Conga
  71. FD Remediation Tracker Report
  72. Anyone
  73. Cuba
  74. Shared SLAs