5Analysisbased on thenature of theengagementVRCRiskRatingSSAE18HIPAACriticals and“WhollyOutsourcedDepartment”sRegulatoryperspectiveincluded inannual criticalreportingBusinessProcessTiersVRC1 –VRO –VRC2AnnualReportTPRSSmallTeam14calendardaysIf 1.01AND 1.17areapplicableRiskCouncilFormerlycriticalErnstandYoungValueAddedReseller1,322Non-USHeadquartersor Non-USOperationsMonthlyImpactscustomersbroadly enoughto threatenmarket shareBCTier@bokf.comThirdParty RiskSummaryAnyoneWhat isthe singletransactionlimit?20201Highest RiskRating of allactiveRelationshipsHighRegenerateFISCoupa21calendardaysSharedSLAs5.01OCCBulletin2013-29Yes1,069PushthroughassignedprogramsReview thefile posted inthe VMOSharePointsiteModeratelyLowOCCUpon acompletedFinancialCrimesreviewDecemberOFACHitFDRemediationTrackerReportBlank2/14/2019Third PartyProviderManagementStandardHighestInherent RiskofCompliance,BC, and SRMDelegation3DaysIneffectiveSupplierNameChangeCommitteeAnyTierAccess@WorkRequestOverallcommentsVRC1'sEvaluationQueueFalseA completedMaterialityAssessmentPropertyMaintenanceMediumJuneBankConfidentialDataExempt1bThird PartyProviderManagementPolicyNoFinancialCrimeslatenoticelog-noreply@spfarm.bok.comConga3/26/2019100CubaVicePresidentAnNDA5Analysisbased on thenature of theengagementVRCRiskRatingSSAE18HIPAACriticals and“WhollyOutsourcedDepartment”sRegulatoryperspectiveincluded inannual criticalreportingBusinessProcessTiersVRC1 –VRO –VRC2AnnualReportTPRSSmallTeam14calendardaysIf 1.01AND 1.17areapplicableRiskCouncilFormerlycriticalErnstandYoungValueAddedReseller1,322Non-USHeadquartersor Non-USOperationsMonthlyImpactscustomersbroadly enoughto threatenmarket shareBCTier@bokf.comThirdParty RiskSummaryAnyoneWhat isthe singletransactionlimit?20201Highest RiskRating of allactiveRelationshipsHighRegenerateFISCoupa21calendardaysSharedSLAs5.01OCCBulletin2013-29Yes1,069PushthroughassignedprogramsReview thefile posted inthe VMOSharePointsiteModeratelyLowOCCUpon acompletedFinancialCrimesreviewDecemberOFACHitFDRemediationTrackerReportBlank2/14/2019Third PartyProviderManagementStandardHighestInherent RiskofCompliance,BC, and SRMDelegation3DaysIneffectiveSupplierNameChangeCommitteeAnyTierAccess@WorkRequestOverallcommentsVRC1'sEvaluationQueueFalseA completedMaterialityAssessmentPropertyMaintenanceMediumJuneBankConfidentialDataExempt1bThird PartyProviderManagementPolicyNoFinancialCrimeslatenoticelog-noreply@spfarm.bok.comConga3/26/2019100CubaVicePresidentAnNDA

Wild Card - Call List

(Print) Use this randomly generated list as your call list when playing the game. There is no need to say the BINGO column name. Place some kind of mark (like an X, a checkmark, a dot, tally mark, etc) on each cell as you announce it, to keep track. You can also cut out each item, place them in a bag and pull words from the bag.


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
  1. 5
  2. Analysis based on the nature of the engagement
  3. VRC
  4. Risk Rating
  5. SSAE18
  6. HIPAA
  7. Criticals and “Wholly Outsourced Department”s
  8. Regulatory perspective included in annual critical reporting
  9. Business Process Tiers
  10. VRC1 – VRO – VRC2
  11. Annual Report
  12. TPRS Small Team
  13. 14 calendar days
  14. If 1.01 AND 1.17 are applicable
  15. Risk Council
  16. Formerly critical
  17. Ernst and Young
  18. Value Added Reseller
  19. 1,322
  20. Non-US Headquarters or Non-US Operations
  21. Monthly
  22. Impacts customers broadly enough to threaten market share
  23. BCTier@bokf.com
  24. Third Party Risk Summary
  25. Anyone
  26. What is the single transaction limit?
  27. 2020
  28. 1
  29. Highest Risk Rating of all active Relationships
  30. High
  31. Regenerate
  32. FIS
  33. Coupa
  34. 21 calendar days
  35. Shared SLAs
  36. 5.01
  37. OCC Bulletin 2013-29
  38. Yes
  39. 1,069
  40. Push through assigned programs
  41. Review the file posted in the VMO SharePoint site
  42. Moderately Low
  43. OCC
  44. Upon a completed Financial Crimes review
  45. December
  46. OFAC Hit
  47. FD Remediation Tracker Report
  48. Blank
  49. 2/14/2019
  50. Third Party Provider Management Standard
  51. Highest Inherent Risk of Compliance, BC, and SRM
  52. Delegation
  53. 3 Days
  54. Ineffective
  55. Supplier Name Change Committee
  56. Any Tier
  57. Access@Work Request
  58. Overall comments
  59. VRC1's Evaluation Queue
  60. False
  61. A completed Materiality Assessment
  62. Property Maintenance
  63. Medium
  64. June
  65. Bank Confidential Data
  66. Exempt
  67. 1b
  68. Third Party Provider Management Policy
  69. No
  70. Financial Crimes
  71. latenoticelog-noreply @spfarm.bok.com
  72. Conga
  73. 3/26/2019
  74. 100
  75. Cuba
  76. Vice President
  77. An NDA