AnnualReportA completedMaterialityAssessmentWhat isthe singletransactionlimit?ErnstandYoung3/26/2019RiskCouncilPushthroughassignedprogramsIneffective1Monthly14calendardaysOFACHitValueAddedResellerRegulatoryperspectiveincluded inannual criticalreportingDecemberCubaThirdParty RiskSummaryHIPAAAnyone5.01SupplierNameChangeCommitteeHighestInherent RiskofCompliance,BC, and SRMTPRSSmallTeamVicePresidentBankConfidentialData2/14/2019OCCAnyTierJune3Days100VRC1'sEvaluationQueueAnNDAImpactscustomersbroadly enoughto threatenmarket shareRegenerateAnalysisbased on thenature of theengagementNon-USHeadquartersor Non-USOperations1,069Third PartyProviderManagementStandardFinancialCrimesThird PartyProviderManagementPolicyYesFalseReview thefile posted inthe VMOSharePointsiteVRC1 –VRO –VRC2Access@WorkRequestCriticals and“WhollyOutsourcedDepartment”sVRCSSAE181bOverallcommentsOCCBulletin2013-2921calendardaysBusinessProcessTiersMediumBlankConga2020If 1.01AND 1.17areapplicableExemptUpon acompletedFinancialCrimesreview1,322CoupaModeratelyLowPropertyMaintenanceRiskRatingNoHighFISlatenoticelog-noreply@spfarm.bok.comDelegationFormerlycriticalSharedSLAs5BCTier@bokf.comHighest RiskRating of allactiveRelationshipsFDRemediationTrackerReportAnnualReportA completedMaterialityAssessmentWhat isthe singletransactionlimit?ErnstandYoung3/26/2019RiskCouncilPushthroughassignedprogramsIneffective1Monthly14calendardaysOFACHitValueAddedResellerRegulatoryperspectiveincluded inannual criticalreportingDecemberCubaThirdParty RiskSummaryHIPAAAnyone5.01SupplierNameChangeCommitteeHighestInherent RiskofCompliance,BC, and SRMTPRSSmallTeamVicePresidentBankConfidentialData2/14/2019OCCAnyTierJune3Days100VRC1'sEvaluationQueueAnNDAImpactscustomersbroadly enoughto threatenmarket shareRegenerateAnalysisbased on thenature of theengagementNon-USHeadquartersor Non-USOperations1,069Third PartyProviderManagementStandardFinancialCrimesThird PartyProviderManagementPolicyYesFalseReview thefile posted inthe VMOSharePointsiteVRC1 –VRO –VRC2Access@WorkRequestCriticals and“WhollyOutsourcedDepartment”sVRCSSAE181bOverallcommentsOCCBulletin2013-2921calendardaysBusinessProcessTiersMediumBlankConga2020If 1.01AND 1.17areapplicableExemptUpon acompletedFinancialCrimesreview1,322CoupaModeratelyLowPropertyMaintenanceRiskRatingNoHighFISlatenoticelog-noreply@spfarm.bok.comDelegationFormerlycriticalSharedSLAs5BCTier@bokf.comHighest RiskRating of allactiveRelationshipsFDRemediationTrackerReport

Wild Card - Call List

(Print) Use this randomly generated list as your call list when playing the game. There is no need to say the BINGO column name. Place some kind of mark (like an X, a checkmark, a dot, tally mark, etc) on each cell as you announce it, to keep track. You can also cut out each item, place them in a bag and pull words from the bag.


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
  1. Annual Report
  2. A completed Materiality Assessment
  3. What is the single transaction limit?
  4. Ernst and Young
  5. 3/26/2019
  6. Risk Council
  7. Push through assigned programs
  8. Ineffective
  9. 1
  10. Monthly
  11. 14 calendar days
  12. OFAC Hit
  13. Value Added Reseller
  14. Regulatory perspective included in annual critical reporting
  15. December
  16. Cuba
  17. Third Party Risk Summary
  18. HIPAA
  19. Anyone
  20. 5.01
  21. Supplier Name Change Committee
  22. Highest Inherent Risk of Compliance, BC, and SRM
  23. TPRS Small Team
  24. Vice President
  25. Bank Confidential Data
  26. 2/14/2019
  27. OCC
  28. Any Tier
  29. June
  30. 3 Days
  31. 100
  32. VRC1's Evaluation Queue
  33. An NDA
  34. Impacts customers broadly enough to threaten market share
  35. Regenerate
  36. Analysis based on the nature of the engagement
  37. Non-US Headquarters or Non-US Operations
  38. 1,069
  39. Third Party Provider Management Standard
  40. Financial Crimes
  41. Third Party Provider Management Policy
  42. Yes
  43. False
  44. Review the file posted in the VMO SharePoint site
  45. VRC1 – VRO – VRC2
  46. Access@Work Request
  47. Criticals and “Wholly Outsourced Department”s
  48. VRC
  49. SSAE18
  50. 1b
  51. Overall comments
  52. OCC Bulletin 2013-29
  53. 21 calendar days
  54. Business Process Tiers
  55. Medium
  56. Blank
  57. Conga
  58. 2020
  59. If 1.01 AND 1.17 are applicable
  60. Exempt
  61. Upon a completed Financial Crimes review
  62. 1,322
  63. Coupa
  64. Moderately Low
  65. Property Maintenance
  66. Risk Rating
  67. No
  68. High
  69. FIS
  70. latenoticelog-noreply @spfarm.bok.com
  71. Delegation
  72. Formerly critical
  73. Shared SLAs
  74. 5
  75. BCTier@bokf.com
  76. Highest Risk Rating of all active Relationships
  77. FD Remediation Tracker Report