Professional Documents
Culture Documents
Infrastructure
Learning Institute
( I2LI )
Pengenalan ISO 31000:2018
Day-1, Rabu 27 Oktober 2021
“Risk comes from not knowing what
you’re doing”
Warren Buffet
WHY does risk matter?
The purpose
of risk management is
to create and protect value
DEFINISI RISIKO
Destination :Airport
Objection: site visit in Balikpapan
AT 10.00 WITA
?
So, Is Risk Good or Bad?
THREAT OPPORTUNITIES
Based on objectives and A situation in
point of view Any circumstances or
which something can
event with the potential
be improve, when value
to harm something
can be created for a
constituency and
Capture by creator
Potential
Potential Loss RISK Gain
MASALAH VS RISIKO
Problem/Crisis Management
Ketidakpastian
Kita tidak dapat mengelola
ketidakpastian, dan ketika itu menjadi
masalah, kerusakan telah dibuat.
Risiko
Keputusan
Risk also an
Risk can be a threat opportunity
Beware of future
Dynamic
Danger
Ambiguous
Non-linear
Global (global/local)
Emergent
Relational
The Black Swan, a hindsight
All swans must be white (?)
?
The answer : It is an Issue/ Problem
The Great Plague Marseilles
Arriving in Marseille, France in 1720, the disease killed a total of 100,000 people:
50,000 in the city during the next two years and another 50,000 to the north in
surrounding provinces and towns.
The first cholera pandemic (1817–1824), also known as the first Asiatic cholera
pandemic or Asiatic cholera, began near the city of Calcutta and spread throughout
South and Southeast Asia to the Middle East, eastern Africa and the Mediterranean
coast.
03
The Spanish flu, also known as the 1918 flu pandemic, was
an unusually deadly influenza pandemic caused by
the H1N1 influenza A virus. Lasting from February 1918 to
April 1920, it infected 500 million people – about a third of
02 the world's population at the time – in four successive
waves.
Risk Management
RISK
No Information Partial Information Complete Information
Berdasarkan
Informasi
Tersedia
Total General Specific Total
Uncertainty Uncertainty Uncertainty Certainty
ISO Guide 73:2009 defines : uncertainty as “state, Ketidakpastian sebagai "keadaan, bahkan sebagian, dari
even partial, of deficiency of information related to a kekurangan informasi terkait dengan peristiwa di masa depan,
konsekuensi atau kemungkinan".
future event, consequence or likelihood”.
DISASTER, RISK & CRISIS MANAGEMENT
INTEGRATED RISK MANAGEMENT
Integration of…
STRATEGIC
OPERASIONAL
TACTICAL
Integration of…
SIAPAKAH PEMILIK RISIKO ITU?
Tingkat berbeda memiliki jenis risiko yang berbeda
Division Level
Risks ultimately should be
filtered to the lowest level
possible for ownership and
mitigation
Department Level
Section Level
21
ERM VS IRM
▪ Integrated Risk Management (IRM) merupakan pendekatan yang menghubungkan fokus strategis program
Enterprise Risk Management (ERM) dengan langkah-langkah taktis yang diperlukan untuk melindungi aset
bisnis yang paling relevan
▪ Program ERM biasanya efektif untuk lebih memahami risiko strategis. Namun, program ERM tidak seefektif
mengatasi risiko di tingkat yang lebih rendah.
Sumber: blogs.gartner.com
LEVEL IMPLEMENTASI ERM
VALUE CONTRIBUTED
Enterprise-wide
Finansial Operasional Manajemen Risk Management
Strategy
Business Risk
Management
Risk
Management
Value Driven
Optimized
Managed maturity
Integration of positively
Insight risk and strategy influencing cost
into one office of capital, credit
Risk being rating and
Awareness professionalized with derived
authority form insurance
Board : risk appetite
framework, data board and CEO
Basic awareness with
introduction of governance
Structured commencing
informality, but formal
dependent on processes
local
imperatives and
initiatives Sumber: Risk Management International
COSO ERM VS ISO 31000
ISO 31000:2018 – OVERVIEW
▪ Definisi istilah-istilah utama, antara lain risiko, manajemen risiko, pemangku kepentingan,
sumber risiko, peristiwa, konsekuensi, probabilitas dan kontrol;
▪ Prinsip-prinsip manajemen risiko, bahwa manajemen risiko terintegrasi dilaksanakan melalui
pendekatan terstruktur, komprehensif, disesuaikan, inklusif dan dinamis berdasarkan informasi
terbaik yang tersedia pada faktor manusia dan budaya dan terus menerus diperbaiki;
▪ Kerangka kerja untuk memastikan bahwa manajemen risiko diterapkan dan diintegrasikan
dengan benar, dirancang secara hati-hati, ditinjau secara berkala dan terus menerus diadaptasi
dan diperbaiki;
▪ Bagian tentang proses manajemen risiko, termasuk identifikasi, analisis, evaluasi dan
perlakuan risiko, serta pemantauan dan peninjauan, komunikasi dan konsultasi.
IRM BERBASIS ISO 31000:2018
Continual
improvement integrated
consultation
Design Dynamic Inclusive Risk Identification
Leadership &
Commitment Risk Analysis
Risk Evaluation
Evaluation implementation
Risk Treatment
Pengendalian Internal
(Proses Pengelolaan
Risiko) 1. Penyusunan Profil Risiko RKAP
Audit Berbasis Risiko
(RKAP Berbasis Risiko)
2. Laporan Update atas Risk (Membuat Audit Plan)
Register (3 Bulanan)
Pengukuran Maturitas
Risiko-risiko pada
Proses Manajemen Risiko yang
semua Unit Kerja yang Unit kerja, Cabang, Anak
dilakukan berksinambungan
menghambat
oleh Setiap Unit kerja
Perusahaan
Pencapaian Sasaran
RISK OWNER
RCSA / RISK ASSESMENT / RISK REGISTER
Corporate Planning & Budgetting
CORPORATE/DIVISI/CABANG
Komite
Pemilik Risiko (Risk owner) Komite Audit
• Risk and Quality Management Group Risiko dan Hukum
➢ Asset Owner • Tim Sekretariat Komite Manajemen Risiko
• Unit Kerja • Komite Manajemen Risiko
➢ Asset Manager
• Regional Internal Audit
• Anak Perusahaan
➢ Service Provider
• JMTM/JMTO/JMRB
External Audit
3 LINES OF DEFENCES (UPDATED)
PROSES MANAJEMEN RISIKO
Who should own the risk?
Risk
Objectives
Strategic
Strategic/ Management level
Business value
risk
Objectives
Technical
Technical Technic Manager
Objectives
Project
Risk
Project Project Manager
Objectives
Value
Risk
Personal
Personal Value Individual
Risk management is natural process
What am I trying to
Objective setting and understanding
01
01 achieve?
scope
Risk
06 What’s new? Updates
What is the difference between risk appetite and risk tolerance?
Balancing risk
Risk Decision
Risk Attitude
Supply demand
Government Policy
Interest rate
Exchanger rate
Other factors
02
Diskusi & Presentasi
Thank you
Co-creation as the collaborative innovation development of: