FISBusinessProcessTiers21calendardaysFalseAnnualReportHighestInherent RiskofCompliance,BC, and SRM1Upon acompletedFinancialCrimesreviewPropertyMaintenanceJuneMonthly1,3222020AnNDAImpactscustomersbroadly enoughto threatenmarket share5ErnstandYoungIneffectiveAccess@WorkRequestAnyoneCongaReview thefile posted inthe VMOSharePointsiteYes1bValueAddedResellerAnyTierRiskRatingVRC1'sEvaluationQueueWhat isthe singletransactionlimit?VicePresidentHIPAAlatenoticelog-noreply@spfarm.bok.comThird PartyProviderManagementPolicyHighest RiskRating of allactiveRelationshipsRegenerate5.01Non-USHeadquartersor Non-USOperationsCriticals and“WhollyOutsourcedDepartment”s2/14/2019NoExempt3DaysSupplierNameChangeCommitteeDelegationFinancialCrimesCoupaOverallcomments1003/26/2019DecemberFDRemediationTrackerReportOCCBulletin2013-29PushthroughassignedprogramsBlankOFACHitOCCBCTier@bokf.comThirdParty RiskSummaryFormerlycriticalModeratelyLowMediumAnalysisbased on thenature of theengagementBankConfidentialDataCubaSharedSLAs1,069RiskCouncilVRCThird PartyProviderManagementStandardIf 1.01AND 1.17areapplicable14calendardaysRegulatoryperspectiveincluded inannual criticalreportingTPRSSmallTeamHighSSAE18A completedMaterialityAssessmentVRC1 –VRO –VRC2FISBusinessProcessTiers21calendardaysFalseAnnualReportHighestInherent RiskofCompliance,BC, and SRM1Upon acompletedFinancialCrimesreviewPropertyMaintenanceJuneMonthly1,3222020AnNDAImpactscustomersbroadly enoughto threatenmarket share5ErnstandYoungIneffectiveAccess@WorkRequestAnyoneCongaReview thefile posted inthe VMOSharePointsiteYes1bValueAddedResellerAnyTierRiskRatingVRC1'sEvaluationQueueWhat isthe singletransactionlimit?VicePresidentHIPAAlatenoticelog-noreply@spfarm.bok.comThird PartyProviderManagementPolicyHighest RiskRating of allactiveRelationshipsRegenerate5.01Non-USHeadquartersor Non-USOperationsCriticals and“WhollyOutsourcedDepartment”s2/14/2019NoExempt3DaysSupplierNameChangeCommitteeDelegationFinancialCrimesCoupaOverallcomments1003/26/2019DecemberFDRemediationTrackerReportOCCBulletin2013-29PushthroughassignedprogramsBlankOFACHitOCCBCTier@bokf.comThirdParty RiskSummaryFormerlycriticalModeratelyLowMediumAnalysisbased on thenature of theengagementBankConfidentialDataCubaSharedSLAs1,069RiskCouncilVRCThird PartyProviderManagementStandardIf 1.01AND 1.17areapplicable14calendardaysRegulatoryperspectiveincluded inannual criticalreportingTPRSSmallTeamHighSSAE18A completedMaterialityAssessmentVRC1 –VRO –VRC2

Wild Card - Call List

(Print) Use this randomly generated list as your call list when playing the game. There is no need to say the BINGO column name. Place some kind of mark (like an X, a checkmark, a dot, tally mark, etc) on each cell as you announce it, to keep track. You can also cut out each item, place them in a bag and pull words from the bag.


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
  1. FIS
  2. Business Process Tiers
  3. 21 calendar days
  4. False
  5. Annual Report
  6. Highest Inherent Risk of Compliance, BC, and SRM
  7. 1
  8. Upon a completed Financial Crimes review
  9. Property Maintenance
  10. June
  11. Monthly
  12. 1,322
  13. 2020
  14. An NDA
  15. Impacts customers broadly enough to threaten market share
  16. 5
  17. Ernst and Young
  18. Ineffective
  19. Access@Work Request
  20. Anyone
  21. Conga
  22. Review the file posted in the VMO SharePoint site
  23. Yes
  24. 1b
  25. Value Added Reseller
  26. Any Tier
  27. Risk Rating
  28. VRC1's Evaluation Queue
  29. What is the single transaction limit?
  30. Vice President
  31. HIPAA
  32. latenoticelog-noreply @spfarm.bok.com
  33. Third Party Provider Management Policy
  34. Highest Risk Rating of all active Relationships
  35. Regenerate
  36. 5.01
  37. Non-US Headquarters or Non-US Operations
  38. Criticals and “Wholly Outsourced Department”s
  39. 2/14/2019
  40. No
  41. Exempt
  42. 3 Days
  43. Supplier Name Change Committee
  44. Delegation
  45. Financial Crimes
  46. Coupa
  47. Overall comments
  48. 100
  49. 3/26/2019
  50. December
  51. FD Remediation Tracker Report
  52. OCC Bulletin 2013-29
  53. Push through assigned programs
  54. Blank
  55. OFAC Hit
  56. OCC
  57. BCTier@bokf.com
  58. Third Party Risk Summary
  59. Formerly critical
  60. Moderately Low
  61. Medium
  62. Analysis based on the nature of the engagement
  63. Bank Confidential Data
  64. Cuba
  65. Shared SLAs
  66. 1,069
  67. Risk Council
  68. VRC
  69. Third Party Provider Management Standard
  70. If 1.01 AND 1.17 are applicable
  71. 14 calendar days
  72. Regulatory perspective included in annual critical reporting
  73. TPRS Small Team
  74. High
  75. SSAE18
  76. A completed Materiality Assessment
  77. VRC1 – VRO – VRC2