CongaCubaAnyone2/14/2019AnNDARiskCouncilAnalysisbased on thenature of theengagementHighReview thefile posted inthe VMOSharePointsiteAnnualReportAnyTierCriticals and“WhollyOutsourcedDepartment”sIf 1.01AND 1.17areapplicable1100DecemberFormerlycritical5ErnstandYoungNon-USHeadquartersor Non-USOperationsIneffectiveExemptOCCBulletin2013-29PropertyMaintenancePushthroughassignedprogramslatenoticelog-noreply@spfarm.bok.comA completedMaterialityAssessmentYes3DaysFalseBankConfidentialDataWhat isthe singletransactionlimit?Medium21calendardaysDelegationSupplierNameChangeCommitteeUpon acompletedFinancialCrimesreview14calendardaysImpactscustomersbroadly enoughto threatenmarket shareVRCBCTier@bokf.comRegulatoryperspectiveincluded inannual criticalreportingTPRSSmallTeam1,322June2020ValueAddedResellerOFACHitRiskRatingSharedSLAsThird PartyProviderManagementPolicyBlankSSAE183/26/2019CoupaVicePresidentThirdParty RiskSummaryOverallcommentsVRC1 –VRO –VRC2ModeratelyLow1,0691bHighest RiskRating of allactiveRelationshipsVRC1'sEvaluationQueueFinancialCrimesOCCNoBusinessProcessTiersMonthlyAccess@WorkRequestHIPAAThird PartyProviderManagementStandardHighestInherent RiskofCompliance,BC, and SRMFISRegenerate5.01FDRemediationTrackerReportCongaCubaAnyone2/14/2019AnNDARiskCouncilAnalysisbased on thenature of theengagementHighReview thefile posted inthe VMOSharePointsiteAnnualReportAnyTierCriticals and“WhollyOutsourcedDepartment”sIf 1.01AND 1.17areapplicable1100DecemberFormerlycritical5ErnstandYoungNon-USHeadquartersor Non-USOperationsIneffectiveExemptOCCBulletin2013-29PropertyMaintenancePushthroughassignedprogramslatenoticelog-noreply@spfarm.bok.comA completedMaterialityAssessmentYes3DaysFalseBankConfidentialDataWhat isthe singletransactionlimit?Medium21calendardaysDelegationSupplierNameChangeCommitteeUpon acompletedFinancialCrimesreview14calendardaysImpactscustomersbroadly enoughto threatenmarket shareVRCBCTier@bokf.comRegulatoryperspectiveincluded inannual criticalreportingTPRSSmallTeam1,322June2020ValueAddedResellerOFACHitRiskRatingSharedSLAsThird PartyProviderManagementPolicyBlankSSAE183/26/2019CoupaVicePresidentThirdParty RiskSummaryOverallcommentsVRC1 –VRO –VRC2ModeratelyLow1,0691bHighest RiskRating of allactiveRelationshipsVRC1'sEvaluationQueueFinancialCrimesOCCNoBusinessProcessTiersMonthlyAccess@WorkRequestHIPAAThird PartyProviderManagementStandardHighestInherent RiskofCompliance,BC, and SRMFISRegenerate5.01FDRemediationTrackerReport

Wild Card - Call List

(Print) Use this randomly generated list as your call list when playing the game. There is no need to say the BINGO column name. Place some kind of mark (like an X, a checkmark, a dot, tally mark, etc) on each cell as you announce it, to keep track. You can also cut out each item, place them in a bag and pull words from the bag.


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
  1. Conga
  2. Cuba
  3. Anyone
  4. 2/14/2019
  5. An NDA
  6. Risk Council
  7. Analysis based on the nature of the engagement
  8. High
  9. Review the file posted in the VMO SharePoint site
  10. Annual Report
  11. Any Tier
  12. Criticals and “Wholly Outsourced Department”s
  13. If 1.01 AND 1.17 are applicable
  14. 1
  15. 100
  16. December
  17. Formerly critical
  18. 5
  19. Ernst and Young
  20. Non-US Headquarters or Non-US Operations
  21. Ineffective
  22. Exempt
  23. OCC Bulletin 2013-29
  24. Property Maintenance
  25. Push through assigned programs
  26. latenoticelog-noreply @spfarm.bok.com
  27. A completed Materiality Assessment
  28. Yes
  29. 3 Days
  30. False
  31. Bank Confidential Data
  32. What is the single transaction limit?
  33. Medium
  34. 21 calendar days
  35. Delegation
  36. Supplier Name Change Committee
  37. Upon a completed Financial Crimes review
  38. 14 calendar days
  39. Impacts customers broadly enough to threaten market share
  40. VRC
  41. BCTier@bokf.com
  42. Regulatory perspective included in annual critical reporting
  43. TPRS Small Team
  44. 1,322
  45. June
  46. 2020
  47. Value Added Reseller
  48. OFAC Hit
  49. Risk Rating
  50. Shared SLAs
  51. Third Party Provider Management Policy
  52. Blank
  53. SSAE18
  54. 3/26/2019
  55. Coupa
  56. Vice President
  57. Third Party Risk Summary
  58. Overall comments
  59. VRC1 – VRO – VRC2
  60. Moderately Low
  61. 1,069
  62. 1b
  63. Highest Risk Rating of all active Relationships
  64. VRC1's Evaluation Queue
  65. Financial Crimes
  66. OCC
  67. No
  68. Business Process Tiers
  69. Monthly
  70. Access@Work Request
  71. HIPAA
  72. Third Party Provider Management Standard
  73. Highest Inherent Risk of Compliance, BC, and SRM
  74. FIS
  75. Regenerate
  76. 5.01
  77. FD Remediation Tracker Report