Enterprise Risk Management - Deddy Jacobus


Published in: Business, Economy & Finance

  1. Public Workshop: Enterprise Risk Management. Deddy Jacobus, www.rwi.co.id
  2. Deddy Jacobus • Senior Risk Management Partner, JPM & Partners, Jakarta • Secretary General, the Association of Risk Management Practitioners (ARMP), Jakarta, www.id.armp-asia.com • Member of the Steering Committee, Professional Risk Managers International Association (PRMIA), Chicago, US, www.prmia.org • Certified Member of the Institute of Internal Auditors (IIA), Florida, US, www.theiia.org • Certified Member of Lembaga Komisaris dan Direktur Indonesia (LKDI) • Certified in Risk and Control Self-Assessment (CCSA), IIA • MBA, Risk Management, Universitas Gadjah Mada
  3. Sharing Objectives • Sharing Objective #1: To establish the importance of Enterprise Risk Management (ERM) to achieve corporate objectives • Sharing Objective #2: An overview of ISO 31000:2009 Risk Management Principles and Guidelines
  4. Sharing Objective #1: To establish the importance of Enterprise Risk Management (ERM) to achieve corporate objectives
  5. • What is risk? Some is the first... • What is the basic difference between risk and uncertainty? • Why is it important to manage risks? • And...why the enterprise risk
  6. is... "...the effect of uncertainty on objectives."
  7. Triggers of uncertainty [diagram labels: The wave of changes; Uncertainty; Driven by external and internal factors (shown twice); Poor ability to respond]
  8. Some effects of uncertainties: Disasters do not just happen. They are a critical chain of events...
  9. A need of paradigm shift [diagram labels: Reliable information + Proven model; Well-informed and responsive Decision Making] Risk management transforms a guesswork decision making into a well-informed and responsive
  10. Risk management paradigm shift [figure labels: Partial approach; ERM approach]
  11. ERM drives a paradigm shift in... (Old Paradigm → New Paradigm) • Supervision/Control → Empowerment/Ownership • Silo → Integrated • Sinten ("who") → System • Short-term → Long-term • Crisis/Minimize → Risk/Optimize
  12. Sharing Objective #2: An overview of ISO 31000:2009 Risk Management Principles and Guidelines
  13. Risk management process in general [flowchart labels: Start; Risk Assessment Plan; Risk Context Definition; Acceptable?; Risk Assessment; Acceptable?; Risk Management Plan; Risk Response and Execution; Risk Register; Risk Monitoring; End]
  14. International standards for ERM: COSO 2004; ISO 31000:2009
  15. ERM COSO Model • Effective Enterprise Risk Management (ERM) requires the following components. Components to ensure that a company has: 1. Intent & commitment 2. Appropriate and aligned objectives 3. An understanding of the external & internal changes that may occur 4. An understanding of the impact of change (risk) 5. An effective strategic response to change 6. Internal control 7. Optimization of knowledge for... 8. Continuous improvement
  16. ISO 31000:2009: principles, framework, process
  17. Risk Register • Header fields: Business Unit/Project Name; Date; Process/Phase; RCSA Participants; Time Period of Risk Assessment; Objective of Risk Assessment • Worksheet columns: Risk Id; Objectives; Inherent Risk; Inherent Risk Level (L, M, H); Current Controls; L; I; Estimated Risk Level after Control (L, M, H); Expected Risk Response/Treatments; L; I; Residual Risk Level after Treatment (L, M, H); Risk Owner, PIC, and Sponsor • Our worksheets must demonstrate the interrelation of objectives, risks, and controls
  18. Risk assessment • How do we review our existing controls? • Given our existing controls, how likely is the event to occur? • How will the impacts be measured? • How will the risk level be determined? • What measures decide whether it is acceptable or unacceptable? • What risks need to be responded to?
  19. Risk: exposure, appetite, tolerance and controls [figure labels: Too low risk level; Acceptable ranges; Acceptable with conditions; Unacceptable/avoid; range of risk levels]
  20. An example of risk map and risk appetite [figure: risk map plotting risks R1, R2, R3, R4, R5, R6]
  21. Thank you... Deddy Jacobus, www.rwi.co.id, deddy@rwi.co.id, 081510311103