Modul ini membahas tentang Technical Risk Assessment (TRA) dan kebutuhannya bagi perusahaan telekomunikasi. TRA diperlukan untuk mengetahui profil risiko aset perusahaan serta mencegah kerugian yang berdampak pada kelangsungan bisnis. TRA memberikan gambaran posisi risiko aset-aset strategis perusahaan seperti jaringan, sentral telepon, dan gedung untuk mengendalikan biaya operasional dan asuransi secara efisien.
Ringkasan dokumen tersebut adalah tentang penggunaan Risk Acceptance Criteria (RAC) dalam menentukan tingkat risiko yang terdiri atas tabel dampak, tabel likelihood, risk appetite, dan risk map."
Modul ini membahas tentang Technical Risk Assessment (TRA) dan kebutuhannya bagi perusahaan telekomunikasi. TRA diperlukan untuk mengetahui profil risiko aset perusahaan serta mencegah kerugian yang berdampak pada kelangsungan bisnis. TRA memberikan gambaran posisi risiko aset-aset strategis perusahaan seperti jaringan, sentral telepon, dan gedung untuk mengendalikan biaya operasional dan asuransi secara efisien.
Ringkasan dokumen tersebut adalah tentang penggunaan Risk Acceptance Criteria (RAC) dalam menentukan tingkat risiko yang terdiri atas tabel dampak, tabel likelihood, risk appetite, dan risk map."
Dokumen tersebut membahas tentang fasilitasi dan implementasi manajemen risiko di Universitas Negeri Surabaya. Secara singkat, dokumen tersebut menjelaskan mengenai pentingnya manajemen risiko untuk mengidentifikasi risiko-risiko yang dapat mengancam pencapaian tujuan universitas serta merencanakan pengelolaan risiko secara terpadu dan berkelanjutan."
The document provides an overview of internal control, fraud, and revenue assurance. It discusses the concept of enterprise risk management and how it has developed over time. It describes the importance of internal control frameworks like COSO and COBIT. It also covers topics like fraud, the role and organization of internal control functions, and using a risk-based approach to auditing.
Dokumen tersebut membahas tentang Risk and Control Self Assessment (RCSA) yang merupakan proses pengelolaan dan pengendalian risiko di unit tertentu secara mandiri. Tahapan RCSA meliputi identifikasi risiko, pengukuran level risiko, penyusunan rencana mitigasi, pengendalian program mitigasi, dan pemantauan register risiko. Contoh identifikasi risiko dan pengukuran level risiko dengan menggunakan risk map juga dijelaskan.
This document summarizes COSO's Enterprise Risk Management - Integrated Framework. It defines ERM as a process run by an organization's board and management to identify potential events, manage risk within the organization's risk appetite, and provide assurance around achieving objectives. The framework identifies 8 components of ERM - internal environment, objective setting, event identification, risk assessment, risk response, control activities, information & communication, and monitoring. It describes how organizations can implement ERM through risk assessments, determining risk appetite, identifying responses, and ongoing monitoring and oversight. Internal auditors can help by reviewing controls and risk processes and ensuring resources target key risk areas.
Dokumen tersebut membahas tentang penerapan manajemen risiko di lingkungan Kementerian Keuangan, mencakup proses manajemen risiko dan struktur pengelolaannya.
Ringkasan dokumen:
1) Dokumen tersebut membahas implementasi Enterprise Risk Management (ERM) dan pengendalian internal di Telkom.
2) Telkom telah menerapkan kerangka kerja manajemen risiko COSO dan memiliki departemen khusus untuk memfasilitasi implementasi ERM.
3) Telkom melakukan penilaian risiko secara berkala di tingkat korporat dan unit bisnis untuk memetakan profil risiko perusahaan.
Modul ini memberikan penjelasan tentang konsep Value at Risk (VaR) dan metode perhitungannya. VaR adalah ukuran risiko maksimum yang mungkin terjadi pada suatu portofolio dalam periode dan tingkat kepercayaan tertentu. Metode yang dijelaskan antara lain VaR Delta Normal, EVT, dan Historical Simulation."
This document is a report on risk culture from Telkom, an Indonesian telecommunications company. It discusses defining and measuring risk culture, and outlines Telkom's approach, which includes:
1) Defining risk culture and distinguishing it from organizational and ethical culture
2) Surveying employees using a questionnaire to assess risk culture attributes like leadership, accountability, and risk management processes
3) Developing metrics to measure risk culture and ensure risks are appropriately managed across the organization
This document discusses operational risk and key risk indicators (KRIs). It defines operational risk and provides examples of operational risk losses from past incidents. It explains that KRIs are metrics that provide information on an organization's current exposure level to a given operational risk. The document outlines the process for identifying KRIs, which involves risk and control self-assessments to identify inherent risks, controls, and residual risks and prioritize them. It also discusses setting thresholds for KRIs, collecting and reporting KRI data, and the roles involved in managing the KRI process. Examples of potential KRIs are provided for credit risk, financial markets activities, and other operational risks.
Dokumen tersebut membahas mengenai manajemen risiko organisasi, meliputi pengertian dan tujuan manajemen risiko, kerangka kerja manajemen risiko, serta fungsi-fungsi manajemen risiko seperti perencanaan, pelaksanaan, dan pengendalian.
INTEGRATED ENTERPRISE RISK MANAGEMENT (Based on ISO 31000: 2018 & COSO ERM 20...Pangeran Sitompul
Dokumen tersebut membahas tentang manajemen risiko terpadu perusahaan (enterprise risk management) berdasarkan standar ISO 31000 tahun 2018 dan kerangka kerja COSO ERM tahun 2017. Dokumen ini menjelaskan definisi manajemen risiko, karakteristik risiko, tingkat signifikansi risiko, selera risiko, dan toleransi risiko dalam kerangka sistem manajemen risiko perusahaan.
PYA Principal Shannon Sumner co-presented “Enterprise Risk Management” at the HCCA Board Audit Committee Compliance Conference, February 27-28, 2017, in Scottsdale, Arizona.
The presentation covered:
The role of the governing Board of an organization in enterprise risk management (ERM)
Effective ERM in today’s healthcare setting
When ERM fails: “The perfect storm”
Enterprise Risk Management - Aligning Risk with Strategy and PerformanceResolver Inc.
COSO, which has provided global thought leadership and guidance on internal control, enterprise risk management, and fraud deterrence for over three decades, recently released a draft update to the original COSO ERM Framework. This framework is widely used by organizations to enhance their ability to manage uncertainty, gauge risk, and increase stakeholder value. However, significant new risks have emerged since the Framework was released, demanding heightened board awareness and oversight of risk management, as well as improved risk reporting. For those organizations exploring ESRM – these themes will be strikingly familiar and the lessons learned, highly relevant.
Presentation by: Bob Hirth, Global Chairman of COSO.
Integrating Risk into your Balanced Scorecard Andrew Smart
Pulling together into a single framework the two separate disciplines of strategy management and risk management, and how it is possible to integrate it with Balanced Scorecard. This presentation provides a practical guide for organizations to shape and execute sustainable strategies with full understanding of how much risk they are willing to accept in pursuit of strategic goals.
Please contact andrew.smart@stratexsystems.com for more details about the presentation or to have a talk about our software solutions.
Dokumen tersebut membahas tentang fasilitasi dan implementasi manajemen risiko di Universitas Negeri Surabaya. Secara singkat, dokumen tersebut menjelaskan mengenai pentingnya manajemen risiko untuk mengidentifikasi risiko-risiko yang dapat mengancam pencapaian tujuan universitas serta merencanakan pengelolaan risiko secara terpadu dan berkelanjutan."
The document provides an overview of internal control, fraud, and revenue assurance. It discusses the concept of enterprise risk management and how it has developed over time. It describes the importance of internal control frameworks like COSO and COBIT. It also covers topics like fraud, the role and organization of internal control functions, and using a risk-based approach to auditing.
Dokumen tersebut membahas tentang Risk and Control Self Assessment (RCSA) yang merupakan proses pengelolaan dan pengendalian risiko di unit tertentu secara mandiri. Tahapan RCSA meliputi identifikasi risiko, pengukuran level risiko, penyusunan rencana mitigasi, pengendalian program mitigasi, dan pemantauan register risiko. Contoh identifikasi risiko dan pengukuran level risiko dengan menggunakan risk map juga dijelaskan.
This document summarizes COSO's Enterprise Risk Management - Integrated Framework. It defines ERM as a process run by an organization's board and management to identify potential events, manage risk within the organization's risk appetite, and provide assurance around achieving objectives. The framework identifies 8 components of ERM - internal environment, objective setting, event identification, risk assessment, risk response, control activities, information & communication, and monitoring. It describes how organizations can implement ERM through risk assessments, determining risk appetite, identifying responses, and ongoing monitoring and oversight. Internal auditors can help by reviewing controls and risk processes and ensuring resources target key risk areas.
Dokumen tersebut membahas tentang penerapan manajemen risiko di lingkungan Kementerian Keuangan, mencakup proses manajemen risiko dan struktur pengelolaannya.
Ringkasan dokumen:
1) Dokumen tersebut membahas implementasi Enterprise Risk Management (ERM) dan pengendalian internal di Telkom.
2) Telkom telah menerapkan kerangka kerja manajemen risiko COSO dan memiliki departemen khusus untuk memfasilitasi implementasi ERM.
3) Telkom melakukan penilaian risiko secara berkala di tingkat korporat dan unit bisnis untuk memetakan profil risiko perusahaan.
Modul ini memberikan penjelasan tentang konsep Value at Risk (VaR) dan metode perhitungannya. VaR adalah ukuran risiko maksimum yang mungkin terjadi pada suatu portofolio dalam periode dan tingkat kepercayaan tertentu. Metode yang dijelaskan antara lain VaR Delta Normal, EVT, dan Historical Simulation."
This document is a report on risk culture from Telkom, an Indonesian telecommunications company. It discusses defining and measuring risk culture, and outlines Telkom's approach, which includes:
1) Defining risk culture and distinguishing it from organizational and ethical culture
2) Surveying employees using a questionnaire to assess risk culture attributes like leadership, accountability, and risk management processes
3) Developing metrics to measure risk culture and ensure risks are appropriately managed across the organization
This document discusses operational risk and key risk indicators (KRIs). It defines operational risk and provides examples of operational risk losses from past incidents. It explains that KRIs are metrics that provide information on an organization's current exposure level to a given operational risk. The document outlines the process for identifying KRIs, which involves risk and control self-assessments to identify inherent risks, controls, and residual risks and prioritize them. It also discusses setting thresholds for KRIs, collecting and reporting KRI data, and the roles involved in managing the KRI process. Examples of potential KRIs are provided for credit risk, financial markets activities, and other operational risks.
Dokumen tersebut membahas mengenai manajemen risiko organisasi, meliputi pengertian dan tujuan manajemen risiko, kerangka kerja manajemen risiko, serta fungsi-fungsi manajemen risiko seperti perencanaan, pelaksanaan, dan pengendalian.
INTEGRATED ENTERPRISE RISK MANAGEMENT (Based on ISO 31000: 2018 & COSO ERM 20...Pangeran Sitompul
Dokumen tersebut membahas tentang manajemen risiko terpadu perusahaan (enterprise risk management) berdasarkan standar ISO 31000 tahun 2018 dan kerangka kerja COSO ERM tahun 2017. Dokumen ini menjelaskan definisi manajemen risiko, karakteristik risiko, tingkat signifikansi risiko, selera risiko, dan toleransi risiko dalam kerangka sistem manajemen risiko perusahaan.
PYA Principal Shannon Sumner co-presented “Enterprise Risk Management” at the HCCA Board Audit Committee Compliance Conference, February 27-28, 2017, in Scottsdale, Arizona.
The presentation covered:
The role of the governing Board of an organization in enterprise risk management (ERM)
Effective ERM in today’s healthcare setting
When ERM fails: “The perfect storm”
Enterprise Risk Management - Aligning Risk with Strategy and PerformanceResolver Inc.
COSO, which has provided global thought leadership and guidance on internal control, enterprise risk management, and fraud deterrence for over three decades, recently released a draft update to the original COSO ERM Framework. This framework is widely used by organizations to enhance their ability to manage uncertainty, gauge risk, and increase stakeholder value. However, significant new risks have emerged since the Framework was released, demanding heightened board awareness and oversight of risk management, as well as improved risk reporting. For those organizations exploring ESRM – these themes will be strikingly familiar and the lessons learned, highly relevant.
Presentation by: Bob Hirth, Global Chairman of COSO.
Integrating Risk into your Balanced Scorecard Andrew Smart
Pulling together into a single framework the two separate disciplines of strategy management and risk management, and how it is possible to integrate it with Balanced Scorecard. This presentation provides a practical guide for organizations to shape and execute sustainable strategies with full understanding of how much risk they are willing to accept in pursuit of strategic goals.
Please contact andrew.smart@stratexsystems.com for more details about the presentation or to have a talk about our software solutions.
(2022) Silabus Pelatihan "Governance, Risk and Compliance (GRC)"Kanaidi ken
Silabus pelatihan GRC (Governance, Risk, and Compliance) ini memberikan gambaran umum tentang cakupan luas GRC dan implementasinya di organisasi, tujuan pelatihan untuk memahami konsep dan proses penerapan GRC secara menyeluruh, serta materi pelatihan yang mencakup pengenalan GRC, kerangka kerja, dan langkah penerapannya di organisasi.
Proses pengurusan risiko melibatkan pengenalpasti, analisis, penilaian dan kawalan risiko secara sistematik dan berterusan untuk menyokong pencapaian objektif organisasi."
Officeless as Platform - HSE Management System v1.0.0jojonomic
Health, safety and environment (HSE) refers to a branch, or department, within a company that is responsible for the observance and protection of occupational health and safety rules and regulations along with environmental protection. Health, safety and environment (HSE) is also often referred to as environmental health and safety (EHS) or safety, health and environment (SHE).
KSEI adalah lembaga penyimpanan dan penyelesaian efek Indonesia. Mereka mengimplementasikan Enterprise Risk Management untuk mengelola risiko secara menyeluruh dan sistematis, mencakup risiko strategis, kepatuhan, keuangan, dan operasional. Tujuannya adalah meminimalkan risiko tanpa meningkatkan biaya.
KSEI adalah lembaga penyimpanan dan penyelesaian efek Indonesia. Mereka mengimplementasikan Enterprise Risk Management untuk mengelola risiko secara menyeluruh dan sistematis, mencakup risiko strategis, kepatuhan, keuangan, dan operasional. Tujuannya adalah meminimalkan risiko tanpa meningkatkan biaya.
(2021) Silabus Training "FRAUD RISK ASSESSMENT (FRA)"_Metode dan Teknik Asesm...Kanaidi ken
Pelatihan empat hari ini membahas metode dan teknik asesmen risiko kecurangan, meliputi identifikasi risiko kecurangan, penilaian risiko, dan langkah mitigasi. Pelatihan ditujukan untuk manajemen risiko, unit anti-fraud, auditor internal, dan karyawan lainnya. Materi pelatihan mencakup gambaran umum manajemen risiko kecurangan, proses penilaian risiko, deteksi kecurangan, dan studi kasus. Metode pelatihan kombinasi online dan offline dengan
SI & PI, Riri Pratiwi, Prof. Hapzi Ali, Kerangka Pengendalian : COBIT, COSO d...RiriPratiwi2
Dokumen tersebut membahas tiga model kerangka pengendalian internal yaitu COBIT, COSO, dan ERM. COBIT merupakan kerangka kerja untuk tata kelola TI yang terdiri atas empat domain yaitu perencanaan dan organisasi, pengadaan dan implementasi, pengantaran dan dukungan, serta pengawasan dan evaluasi. COSO mendefinisikan pengendalian internal sebagai proses yang melibatkan dewan komisaris, manajemen, dan staf untuk mencapai e
(2021) Silabus Training "FRAUD RISK ASSESSMENT (FRA)"_Metode dan Teknik Asesm...Kanaidi ken
Pelatihan ini membahas metode dan teknik asesmen risiko kecurangan secara mendalam selama 3 hari. Pelatihan ini bertujuan untuk memberikan pemahaman yang baik kepada peserta tentang proses identifikasi, analisis, pengukuran, evaluasi, penentuan tindakan, dan kontrol risiko kecurangan. Materi pelatihan meliputi gambaran umum manajemen risiko kecurangan, metode pelaksanaan penilaian risiko kecurangan, proses penilaian pada tingkat entitas dan transaksi
Bab II dari dokumen tersebut membahas Enterprise Risk Management (ERM). ERM didefinisikan sebagai proses pengelolaan risiko secara menyeluruh untuk mengelola ketidakpastian dan memaksimalkan peluang agar sejalan dengan strategi perusahaan. ERM bertujuan untuk mencapai tujuan perusahaan dengan meningkatkan efektivitas organisasi, pelaporan risiko, dan kinerja bisnis. Penerapan ERM membutuhkan dukungan manajemen, sum
Ringkasan dokumen tersebut adalah:
1. Dokumen tersebut merupakan rencana pelaksanaan pelatihan manajemen risiko strategis bagi BOD dan BOC BUMN beserta anak perusahaannya.
2. Pelatihan ini akan menjelaskan ketentuan terbaru manajemen risiko BUMN berdasarkan Permen BUMN No. PER-2 Tahun 2023 dan standar ISO 31000 & COSO ERM.
3. Pelatihan ini diselenggarakan oleh Kanaidi Consulting dan akan diad
Be & gg, ade, hapzi ali, ethics and business, risk management tugas 10, u...Ade Caswito
Dokumen tersebut membahas tentang penerapan manajemen risiko oleh Bank Central Asia (BCA). BCA telah menerapkan kerangka manajemen risiko yang mencakup 10 jenis risiko seperti risiko kredit, pasar, likuiditas, operasional, hukum, reputasi, strategis, kepatuhan, transaksi intra-grup, dan asuransi. Risiko-risiko tersebut dinilai dan dikelola untuk menjaga profil risiko BCA tetap stabil pada tingkat rendah hingga sedang
Similar to Enterprise risk management in practice telkom 2016 (20)
The document discusses key concepts in US and Indonesian competition law and antitrust legislation. It explains that antitrust laws seek to promote competition by prohibiting anticompetitive business practices that harm consumers. Major US antitrust laws discussed include the Sherman Act of 1890, Clayton Act of 1914, and Federal Trade Commission Act of 1914. The Sherman Act prohibits anticompetitive contracts and monopolies. The Clayton Act addresses early-stage anticompetitive practices, while the FTC Act established the Federal Trade Commission to enforce antitrust laws. The document also discusses key Indonesian competition laws and defines concepts like per se illegality versus the rule of reason analysis.
The document discusses securities laws and corporate financing in Indonesia. It begins with an overview of the new regulatory structure for financial services in Indonesia, noting that the Otoritas Jasa Keuangan (OJK) was established in 2011 to integrate regulation of banking, capital markets, insurance, pensions and other financial services. It then outlines the key entities and participants in Indonesia's capital markets under the new OJK structure. These include stock exchanges, clearing and guarantee institutions, depository and settlement agencies, securities companies, investment managers, and supporting professionals. The document also provides reasons for replacing the previous financial services regulator, Bapepam, with the new OJK structure.
Securities Law and Corporate Financing
Human: Thank
The document discusses the process of incorporation and corporate licensing in Malaysia and Indonesia. It provides details on:
1) The roles of the Companies Commission of Malaysia (CCM) and the Ministry of Law and Human Rights in Indonesia in regulating corporate affairs and incorporation in their respective countries.
2) The requirements and procedures for incorporating different types of companies in Malaysia, including private limited companies, unlimited companies, and limited liability partnerships.
3) The registration requirements and documents needed to register foreign companies doing business in Malaysia.
This document provides an overview of tax law as it relates to corporations. It discusses several key topics:
1. Domestic tax systems and how they determine tax residence, taxable income sources, tax rates, and methods for relieving double taxation.
2. International tax law, including bilateral tax treaties and how they are used to reduce double taxation. Key definitions and concepts in tax treaties like residence and permanent establishment are also examined.
3. Specific provisions of the OECD model tax treaty regarding the allocation of taxing rights between countries and rules against discrimination are summarized.
4. European Union law on non-discrimination is also briefly outlined.
Insurance is a risk management relationship where the insurer agrees to bear the burden of potential losses for the insured in exchange for premium payments. Key aspects include the insured party, insurer, insurance policy contract outlining coverage and limits, and insurable interest requirement. There are various categories of insurance such as individual vs group, personal vs commercial, and liability vs property/casualty. Common types of insurance include auto, health, disability, life, homeowner's/renter's, fire, business liability, and professional liability.
Dokumen tersebut membahas tentang hukum ketenagakerjaan dan hubungan industrial di Indonesia, termasuk definisi pekerja, jenis-jenis perjanjian kerja, dan undang-undang terkait seperti UU Ketenagakerjaan."
This document discusses business entities and their environment. It begins by outlining the four main subjects that can enter into an international contract: individuals, legal entities (companies/corporations), international organizations, and states/countries. It then provides more details on legal entities, describing the three main types under Indonesian law. The document also discusses international organizations and states/countries as subjects of international contracts. Finally, it describes characteristics of corporations, including their creation and maintenance, continuity, ownership and control structure, and limited liability for shareholders. Studying business entities is important for business owners and managers to understand how to organize resources and take advantage of entity benefits and protections.
The document discusses legal concepts related to contracts and business law. It defines a contract as a legally enforceable promise or exchange of promises that requires an offer, acceptance of that offer, and consideration. Contracts can be verbal, written, or implied based on the actions of parties. The document also discusses sources of contract law, types of contracts such as unilateral and bilateral, and elements required for a valid offer such as intent and definite terms. It provides examples to illustrate concepts like implied-in-fact contracts.
This document provides an outline for a business law module that covers various legal topics related to business. It begins with an introduction to the legal perspective of business, discussing key concepts like different legal theories, sources of law, and the role of the judiciary. It then outlines 10 topics that will be covered, including business entities, employment laws, taxation, securities law, and competition law. The document provides context and background information to introduce students to fundamental legal aspects of conducting business.
The document discusses various methods for valuing companies for mergers and acquisitions, including comparable company analysis, discounted cash flow analysis using a spreadsheet approach, and formula approaches. It provides examples of each method, comparing the top companies by market capitalization from 2007-2011 and valuing a hypothetical acquisition of PT. Exelcom Axiata by PT. Telkom Indonesia using net present value. Key aspects of company valuation discussed include revenue, earnings before interest and tax, cash flows, growth rates, tax rates, and weighted average cost of capital.
The document discusses the process of mergers and acquisitions (M&As) in 10 phases: 1) developing a business plan and acquisition plan, 2) searching for targets, 3) screening targets, 4) initial contact, 5) negotiation which includes due diligence, valuation, and structuring a deal, 6) deciding whether to close the deal or walk away, 7) developing an integration plan, 8) closing the deal, 9) integrating the acquired business, and 10) evaluating the acquisition post-closing. Key steps include confidentiality agreements, letters of intent, due diligence investigations, and negotiating the share purchase agreement which outlines terms like price, payment, conditions, and representations and warranties.
The document discusses various corporate restructuring strategies including divestitures, spin-offs, equity carve-outs, split-offs, and tracking stocks. It provides details on the characteristics and rationales for each strategy. Divestitures involve the sale of assets to an outside party to raise cash. Spin-offs create a new subsidiary that is distributed to shareholders to increase focus and reward them with a tax-free dividend. Equity carve-outs are similar to spin-offs but the parent retains control of the subsidiary and can raise funds for both entities. The strategies aim to enhance shareholder value by changing a company's portfolio.
The document discusses the multidisciplinary aspects of mergers and acquisitions (M&As). It addresses several areas that must be considered in M&As including legal/law, corporate economics, taxation, competition law, and industry regulations. Specifically, it notes that M&As require consideration of corporate law, competition law, labor law, securities law and any relevant regulatory issues. It also discusses valuation methods, capital structure, taxation considerations, and how leverage can benefit a company's capital structure.
The document discusses mergers and acquisitions (M&As) and some paradoxes associated with them. It describes the M&As paradox as involving hubris, winners' curse, agency problems, and game theory dynamics. Managers may overestimate the value of acquisitions due to hubris. Acquirers often overpay due to winners' curse. M&As may not benefit shareholders due to agency problems where managers prioritize their own interests like compensation. Game theory shows how managers feel pressure to follow competitors' actions, fueling merger waves even if deals destroy value. Solutions proposed include separating management and control, performance-based compensation, and government regulation.
The document discusses several common issues in mergers and acquisitions (M&As), including:
1. The tension between centralization and decentralization of decision-making, with trade-offs between the benefits of decentralization like utilizing local knowledge versus the costs of decentralization like potential agency problems and coordination costs.
2. Problems of asymmetric information where one party in a transaction has more information than the other, and the implications this has for M&As such as misleading information.
3. Controlling incentive problems in firms through contracts, but recognizing that contracting has costs when it is costly to enforce contracts or when there is asymmetric information.
This document discusses mergers and acquisitions (M&As) from a global and regional perspective. It defines M&As and explains their use as a way for companies to grow through consolidation rather than organic growth. The document contrasts M&As with greenfield investments as two methods for foreign direct investment. It also discusses how regional trade agreements and reductions in barriers have led to increased cross-border M&As and foreign investment flows within regions.
Dokumen tersebut membahas berbagai bentuk organisasi bisnis di Indonesia, termasuk perusahaan perseorangan, persekutuan, perseroan terbatas, BUMN, serta kombinasi antar perusahaan."
Legal presentation konsepsi business judgment rule doctrine - telkom indon...wisnu wardhana, i nyoman
1. Dokumen tersebut membahas berbagai bentuk organisasi bisnis di Indonesia seperti perusahaan perseorangan, persekutuan, perseroan terbatas, BUMN dan koperasi.
2. Juga membandingkan karakteristik masing-masing bentuk organisasi seperti tanggung jawab, pendirian, dan pengakhiran.
3. Membahas pula klasifikasi perseroan terbatas berdasarkan status sahamnya di bursa efek dan asal usul modal.
MODERN!!! WA 0821 7001 0763 (ALUMINOS) Pintu Kaca Aluminium di Buleleng.pptxFORTRESS
MODERN!!! WA 0821 7001 0763 (ALUMINOS) Pintu Kaca Aluminium di Buleleng, Pintu Aluminium Kaca di Kuta Selatan, Pintu Aluminium Minimalis di Bangli, Daun Pintu Aluminium di Jembrana, Pintu Kamar Aluminium di Pekutatan.
ALUMINOS FORTRESS adalah produk Pintu Baja Motif Kayu Sebuah terobosan inovasi terbaru sebagai alternatif pengganti pintu rumah konvensional yang mengunakan material baja sebagai bahan baku utamanya.
Tingkatkan Keamanan Rumah Anda dengan 13 Keunggulan Fortress Pintu Baja!
- Material Baja Berkualitas Tinggi.
- Finishing dengan Pola Serat Kayu Alami.
- Kusen Baja dengan Detail Architrave yang Anggun.
- Engsel Baja Tersembunyi dalam 4 Set.
- Sistem Penguncian 5 Titik dengan Kunci Utama.
- Sistem Keamanan A-B Lock dengan 7 Kunci Elektronik.
- Dilengkapi dengan Slot/Grendel untuk Penguncian Tambahan.
- Terdapat Lubang Pengintip.
- Pelindung Karet pada Kusen dan Daun Pintu.
- Lapisan Honeycomb Paper sebagai Penyerap Suara.
- Lapisan PE-Film untuk Perlindungan Tambahan.
- Dilengkapi dengan 6 Set Baut Pemasangan.
- Memiliki Ambang Pintu yang Kokoh.
Dapatkan keamanan yang tak tertandingi dengan Fortress Pintu Baja, solusi pintu yang kuat dan tahan lama untuk melindungi rumah Anda.
Hubungi Kami Segera (0821-7001-0763)
Head Office (Kantor Pusat) :
Jl. Raya Binong Jl. Kp. Cijengir No. 99, Rt.005/Rw.003, Binong, Kec. Curug, Kabupaten Tangerang, Banten 15810
Kantor Cabang JBS : (Solo, Pekanbaru, Surabaya, Lampung, Palembang, Kendari, Makassar, Balikpapan, Medan, Dan Kota Lainnya Menyusul)
Provinsi Bali Meliputi : Kab Badung-Mangupura, Kab Bangli, Kab Buleleng-Singaraja, Kab Gianyar, Kab Jembrana-Negara, Kab Karangasem-Amlapura, Kab Klungkung-Semarapura, Kab Tabanan, Kota Denpasar Dan Seluruh Kota Se-Indonesia.
#pintukacaaluminiumdibuleleng #pintualuminiumkacadikutaselatan #pintualuminiumminimalisdibangli #daunpintualuminiumdijembrana #pintukamaraluminiumdipekutatan
Pintu Kaca Aluminium di Buleleng, Toko Pintu Aluminium Terdekat di Kuta Utara, Pintu Kusen Aluminium di Kintamani, Pintu Wc Aluminium di Melaya, Kusen Dan Pintu Aluminium di Blahbatuh.
UNIKBET : Bandar Slot Pragmatic Play Ada Deposit Via Bank Aceh Syariah Resmi ...unikbetslotbankmaybank
Pada hari ini 07 Juni 2024, Link Slot Gacor Pragmatic Play Deposit Bank Aceh Syariah Promo Bonus Terbesar Banyak Promo Spektakuler di provider Pragmatic Play adalah Unikbet karena berlicensi resmi internasional. Maka dari itu, Untuk anda para pemain slot online yang berada di kota Cikampek, bisa bermain dengan tenang dan aman. Berikut rekomendasi daftar situs slot bisa deposit pakai Bank Aceh Syariah khusus untuk anda yang berlokasi di Kota Cikampek:
1. Slot Gates of Gatot Kaca 1000
2. Slot Sugar Rush 1000
3. Slot Aztec Gems
4. Slot Way of Ninja
5. Slot Joker's Jewels
6. Nexus Gates of Olympus™
Kepada anda para warga kota Cikampek, jangan menunggu terlalu lama lagi. Buruan daftar akun slot Bank Aceh Syariah resmi anda hanya di unikbet sekarang juga.
Hubungi kontak resmi kami :
» Telegram : 0813 7044 7146
» Link Daftar : unikbet . link / daftar
» Whatsapp : 0813 7044 7146
Atau Langsung ketik di Google : " UNIKBET "
#Cikampek #slotBankAcehSyariah #slotviaBankAcehSyariah #daftarslotBankAcehSyariah #unikbet
BUKU ADMINISTRASI GURU KELAS SD 2024 /2025Redis Manik
Buku administrasi guru kelas SD adalah serangkaian dokumen dan catatan yang digunakan oleh guru untuk mengelola kegiatan pembelajaran dan administrasi kelas secara efektif. Buku-buku ini membantu guru dalam merencanakan, melaksanakan, dan mengevaluasi proses pembelajaran serta memastikan kelancaran operasional kelas. Berikut adalah beberapa jenis buku administrasi yang umumnya digunakan oleh guru kelas SD:
Buku Induk Siswa: Berisi data pribadi siswa, seperti nama, tanggal lahir, alamat, nomor induk siswa, dan informasi penting lainnya.
Buku Rencana Pelaksanaan Pembelajaran (RPP): Dokumen perencanaan yang berisi rencana kegiatan pembelajaran yang akan dilaksanakan oleh guru setiap hari atau setiap minggu.
Buku Program Tahunan (Prota): Dokumen yang berisi rencana kegiatan pembelajaran yang akan dilaksanakan selama satu tahun ajaran.
Buku Program Semester (Promes): Dokumen yang berisi rencana kegiatan pembelajaran yang akan dilaksanakan selama satu semester.
Buku Agenda Harian: Catatan harian tentang kegiatan pembelajaran yang dilakukan setiap hari, termasuk materi yang diajarkan dan kegiatan siswa.
Buku Absensi Siswa: Catatan kehadiran siswa setiap hari, termasuk alasan ketidakhadiran jika ada.
Buku Nilai: Catatan penilaian hasil belajar siswa, termasuk nilai ulangan harian, tugas, ujian tengah semester, dan ujian akhir semester.
Buku Catatan Prestasi dan Pelanggaran Siswa: Berisi catatan tentang prestasi yang diraih siswa serta pelanggaran yang dilakukan dan tindakan yang diambil.
Buku Inventaris Kelas: Catatan inventaris barang-barang yang ada di kelas, seperti peralatan belajar, alat peraga, dan buku-buku.
Buku Kas Kelas: Catatan tentang keuangan kelas, termasuk pemasukan dan pengeluaran dana kelas.
Buku Laporan Harian dan Bulanan: Laporan tentang kegiatan dan perkembangan siswa serta kondisi kelas yang dibuat setiap hari atau setiap bulan.
Buku Piket Guru: Catatan tentang tugas piket harian guru untuk mengawasi kegiatan di sekolah dan kelas.
Buku administrasi ini membantu guru dalam menjalankan tugas dan tanggung jawabnya dengan lebih terorganisir dan efisien, serta memudahkan dalam pelaporan dan evaluasi kegiatan pembelajaran.
ATRIUM GAMING : Slot Gacor Mudah Menang Terbaru 2024sayangkamuu240203
Hallo Selamat Datang di Situs ATRIUM GAMING, website TERBAIK dan terpercaya. Meyediakan Berbagai Macam Jenis Permainan Dari SportBook, Slot, Live Casino, Fishing, Lottry, Poker dan Berbagai Game Lainnya,
1.Bonus New Member 50%
2.Garansi Kekalahan 100%
3.Event Scatter Pojok Pracmatic Play
4.Event Scatter Pracmatic Play
5.Event Scatter PG SOFT
6.Event Bonus Perkalian Pragmatic Play.
main di mahjong ways dapat SCATTER emas hitam, wah di jamin seru pasti nya , modal recehan bisa jackpot jutaan , dan masih banyak bonus lainnya yang menguntungkan bagi new member & old member
ayo buruan daftar di Atrium Gaming, Kakak menang kita pun senang!!!
════════ ═════════════════ 💸 DEPOSIT VIA BANK & E-MONEY 💸 📥 Minimal Deposit 5.000 📥 📤 Minimal Withdraw 50.000 📤
Untuk Minimal Deposit Via Pulsa Telkomsel & XL Tanpa Potongan;
💸 IDR 10.000 / Rp 10RB 💸
══ ════════════ ═══════════ YUK BURUAN LANGSUNG JOIN DI LINK YANG ADA DI BIO KAMI YA
☎ http://wa.me/+62812-6407-2244
🌐 https://heylink.me/SlotGacorMudahMenang2024/
🌐 https://mez.ink/situsvipgacor
🌐 https://bio.site/AtriumGamingGACOR
🌐 https://bio.link/situsmudahmenang2024
🌐 https://bit.ly/m/AtriumGamingOffcial
Dalam permainan judi online ada yang namanya keberuntungan dan keberuntungan itu tidak ada di semua slot online,Akan tetapi jika anda main di situ ATRIUM GAMING dijamin anda bakalan betah dikarenkan situs online №1 di INDONESIA ini slot yang paling mudah mencari kemenangan,Jika anda tidak percaya silahkan dicoba bonus dan evet menanti kehadiran anda.!!!
ATRIUM GAMING Link Slot online mudah menang terbaru dari kamboja yang di dukung dengan server slot online yang di kenal dengan nama SERVER UG dan juga di kenal oleh sloter indonesia dengan server yang paling Stabil dan juga di kenal dengan server yang sering memberikan peluang kemenangan kepada setiap membernya
UNIKBET : Link Slot Gacor Pragmatic Play Bisa Deposit Memakai Bank BPD DIY Ad...unikbetslotbankmaybank
Pada hari ini 06 Juni 2024, Link Slot Gacor Pragmatic Play Deposit BPD DIY Promo Bonus Terbesar Banyak Promo Spektakuler di provider Pragmatic Play adalah Unikbet karena berlicensi resmi internasional. Maka dari itu, Untuk anda para pemain slot online yang berada di kota Parung Panjang, bisa bermain dengan tenang dan aman. Berikut rekomendasi daftar situs slot bisa deposit pakai BPD DIY khusus untuk anda yang berlokasi di Kota Parung Panjang:
1. Slot Gates of Gatot Kaca 1000
2. Slot Sugar Rush 1000
3. Slot Aztec Gems
4. Slot Way of Ninja
5. Slot Joker's Jewels
6. Nexus Gates of Olympus™
COMPANY PROFILE PT. WELLMAN DENYO DEVELOPMENT.pptx
Enterprise risk management in practice telkom 2016
1. Jakarta, April 2016
an Enterprise Risk Management in Practice
towards
Business Competitiveness
Risk & Process Management
PT. Telekomunikasi Indonesia, Tbk
I Nyoman Wisnu Wardhana
Senior Advisor II – PT. Telkom
2. Disclaimer
This document may contain forward-looking statements within the meaning of safe-harbor. Actual results could differ materially from
projections, estimations or expectations. These may involve risks and uncertainty, and may cause actual results and development to
differ substantially from those expressed or implied in the statements. The company does not guarantee that any action, which may
have been taken in reliance of this document will bring specific results as expected.
Subdit Risk & Process Management
PT. Telekomunikasi Indonesia, Tbk
3. O U T L I N E
Telkom at glance
ERM – Latest Concept
ERM Framework
ERM‘ Processes
Takeaway
The latest of risk management, GRC, Risk Based approach
Framework
Risk Profile and Treatment
4. Total Shares
100,799,996,400 shares
Market Capitalization at IDX
Telkom Indonesia is listed at
Indonesia Stock Exchange (TLKM IJ)
and New York Stock Exchange (TLK US)
Public 46.76%
Government 53.24%
Treasury Shares 2.6%
IDR 333,14 Tn.
Telkom at a glance
6. Telkom at a glance – Corporate philosophy
Telkom ada untuk memberikan yang terbaik bagi bangsa Indonesia dan
semesta alam
Telkom memberikan service dan solusi terbaik yang dibutuhkan dan
dicintai oleh Customer
Telkom meningkatkan value perusahaan,. profesionalisme dan
kesejahteraan pegawai serta return yang optimal bagi shareholder
MEGA
MAKRO
MIKRO
Warna Merah Putih:
Persembahan Telkom Indonesia
untuk Indonesia dan semesta alam
The World in Your Hand:
Yang terbaik untuk pelanggan
Company:
Value perusahaan,
professionalisme,
shareholder
7. Telkom at a glance – Corporate Strategy
Vision Be the King of Digital in the Region
Mission Lead Indonesian Digital Innovation and Globalization
Strategic
Objective
Corporate
Strategy
Directional Strategy : Sustainable Competitive Growth
Portfolio Strategy : Converged TIMES Portfolio
Parenting Strategy : Strategic Guidance
Top 10 Market Capitalization Telco in Asia-Pacific by 2020
8. • RPM & Personnel
• Framework
• Methodology & Tool
• Policy & Procedure
• Risk Ownership
Assured by Internal Audit
Telkom‘s BOC and BOD Support
and Oversight
Risk management Vision:
Bring Risk Management into Telkom‘s
culture that embedded to PT. Telkom‘s
business process and operational
Risk Management Mission:
To be a ―Partner‖ for all PT. Telkom‘s
business unit and operational
Sukses Implementasi ERM di PT. Telkom bergantung kepada adanya dukungan dan komitmen dari BoD
dan BoC (Tone at the Top) serta adanya Fungsi yang menjamin Efektivitas Implementasi dan memberi
masukan untuk pengembangan lebih Lanjut (IA)
Telkom at a glance – Visi, Misi Telkom ERM
9. Telkom at a glance – Corporate Legal Consideration
Consider
PT. Telekomunikasi
Indonesia, Tbk.
Sebagai Perseroan Terbatas
Law UU No. 40/2007 tentang Perseroan Terbatas
Regulation Per-Pres, Kep-Pres, Per-Men, Per-
Pem, etc.
Sebagai Perusahaan Milik Negara
Law UU No. 19/2003 tentang BUMN;
UU No. 17/2003 tentang Keuangan Negara, etc.
Regulation Per-Pres, Kep-Pres, Per-Men, Per-
Pem, etc.
Sebagai Perusahaan Telekomunikasi
Law UU No. 36/1999 tentang Telekomunikasi;
UU No. 11/2008 tentang ITE, etc.
Regulation Per-Pres, Kep-Pres, Per-Men, Per-
Pem, etc.
Sebagai Perusahaan Publik
Law UU No. 8/1995 tentang Pasar Modal;
Regulation Per-Pres, Kep-Pres, Per-Men, Per-
Pem, Per-OJK (Bapepam), SOX-SEC, IDX Reg, etc.
Consider
Consider
Consider
The Bylaw
Company‘ internal regulations:
Peraturan Direksi
Peraturan Direktur
Peraturan Kepala Unit Bisnis
Policies
Procedures
SOP/SMP
Etc.
Other public
laws, for
instance:
- UU No. 31/1999
- UU No. 5/1999
- KUHP
- Etc.
11. Latest Concept of ERM – Business Turbulence
Latest
Progress
New Concept
The Fact
Challenge
Perubahan yang sangat cepat bahkan seringkali
tidak terduga (highly volatile)
Pentingnya memberi perhatian khusus pada
kebijakan dan proses yang berkaitan dengan
Tatakelola Perusahaan (GCG), Manajemen Risiko,
dan Kepatuhan (increasing attention to GRC)
Pentingnya memberi perhatian Kebanyakan
perusahaan mengelola GCG, Manajemen Risiko,
dan Kepatuhan berjalan sendiri-sendiri bahkan
terjadi silo-silo diantara mereka
Bagaimana perusahaan mampu mengelola risiko
bisnisnya yang sangat efisien dan lincah dengan
dimilikinya sistem Pemantauan Pengendalian yang
seimbang dan terintegrasi
12. Financial risk Liquidity risk
Diversification risk –
No-diversification risk
Development risk
Growth risk -
Stagnation risk
Income stream risk
Political risk Regulation risk
Demand risk Supply risk
Sale & Marketing risk Reputational risk
Business continuity
risk
Health and safety risk,
….
Latest Concept of ERM – Risk is everywhere
Operational
Failure
Disruption of
Main Process
Decreasing of
Quality of
service
Shrinkage of
Market and
Investor
Business
Performance
Inflammation
Raising
Cost
13. Latest Concept of ERM – Fragmentation Increases Risk
Supplier ―black list‖
Anti – terrorist trade practices
High credit risk
customer
Balance credit profile
Data leakage &
security
Security IT
infrastructure
Employee safety
compliance
Environmental health & safety
compliance
Disconnected risk
analysis
Integrated risk analysis
Complex, Int.
compliance req.
Global finance reporting
compliance
Exc. Compensation
practices
Evidence for decision &
directives
Incomplete
global risk profile
Increase confidence in
business result
ProcurementSales, Services
IT OperationHuman ResourcesCompliance /Risk Office
FinanceDireksi/Dekom & Audit Comittee Executive& Managers
New pressures, new risks
• Diversification - range of business
streams
• Commercial competition
• Care & support; social enterprise
• Market renting; market sale
• New partners; joint ventures
• New funding models
• Emphasis on self-regulation, co-
regulation
• Increasing focus on governance
16. Latest Concept of ERM – Don‘t to be a stranger man
TOP 10 RISK
1 Damage to reputation/brand
2 Economic slowdown/slow recovery
3 Regulatory/ legislative changes
4 Increasing competition
5 Failure to attract or retain top talent
6 Failure to innovate/meet
customer needs
7 Business interruption
8 Third-party liability
9 Computer crime/ hacking/viruses/
malicious codes
10 Property damage
TOP 10 Global Risk 2015 Top 10 Risk in Telecommunications 2014
17. Latest Concept of ERM – TOP 10 Risks
Competitive is a must!
1
Damage to
reputation/brand
2
Economic
slowdown/slow
recovery
3
Regulatory/
Legislative
changes
4
Increasing
Competition
5
Failure to attract
or retain top talent
6
Failure to
innovate/meet
customer needs
7
Business
Interruption
8
Third party
liability
9
Computer
crime/hacking/viruses/
malicious codes
10
Property
damage
1
Increasing
Competition
2
Economic
slowdown/slow
recovery
3
Regulatory/
Legislative
changes
4
Failure to
innovate/meet
customer needs
5
Damage to
reputation/brand
6
Failure to attract or
retain top talent
7
Computer
crime/hacking/viruses/
malicious codes
8
Commodity
price risk
9
Political
risk/uncertainties
10
Growing burden and
consequences of corporate
governance/compliance
2015‘ risks 2018 projected
18. Latest Concept of ERM – Going to risk based approach
Risk & Strategic
Planning
Risk & ICoFR
Risk & BCMS
(ISO 22300)
Risk & ISMS
(ISO 27000)
Risk & Asset
Management
Toward intelligent Risk Taking
Ensure reliability of financial reporting
Prevent business disruption
Protected of asset information (CIA)
Effective and efficient, and well protected of asset
19. Latest Concept of ERM – The Survey
How challenging is each of the following in defining and implementing your organization‘s enterprise-
level risk appetite statement?
Complying with regulatory expectation regarding risk appetite
55%
55%
38%
37%
35%
21%
18%
11%
Defining risk appetite for strategic risk
Defining risk appetite for reputational risk
Defining risk appetite for operational risk
Allocating the risk appetite among different business units
Translating the risk appetite for individual risk types
into quantitative risk limits
Integrating stress testing results when defining risk appetite
Gaining the active participation of business units in implementing
the risk appetite and risk limits
20. ―Nearly 90 percent of firms
do not conduct a risk
assessment when
outsourcing production.‖
―Risk: It's Time to Measure It,‖
Harvard Business Review
21. ERM Framework – The History
1970s
Risk management gains
wider acceptance
1980s
Companies begin Risk
departments, typically
focused on insurance
1990s
Risk management matures
as companies begin to
focus on ―business risk‖
19801970 1990 2000
2004
Release of COSO
ERM Integrated
Framework
19601950
1950s-1960s
Traditional Risk
Management (―TRM‖)
1977
Foreign
Corrupt
Practices
Act (―FCPA‖)
Early1980s
Increased focus on
internal control and
compliance
1985
National Commission
on Fraudulent
Financial Reporting
— Treadway
Commission
1992
Committee of
Sponsoring
Organizations
(―COSO‖) published
Internal Control —
Integrated
Framework
1990s-2000
Continued focus on internal
control, risk management, and
responsibilities
(Blue Ribbon Commission,
Competency Framework for
Internal Audit, others)
2002
Sarbanes-Oxley Act of
2002
Enterprise Risk Management is intertwined with the
development of internal control standards and the
regulatory environment.
22. ERM Framework – The Defined Framework
Japan Financial Services Agency (JFSA) – ERM Framework 2013
ISO 31000:2009 the new International Risk Management Standard
Federation of European Risk Management Association (FERMA)
Risk and Insurance Management Society (RIMS)
Basel II – Integrated Risk Management Solution
COSO ERM framework
AS/NZS 4360:2004
RIMS Risk Maturity Model
23. ERM Framework – The COSO Framework
1. Entity objectives
2. Activities at all levels
3. The eight
components of the
framework
1
2
3
24. ERM Framework – Telkom ERM Framework
Telkom ERM system with reference to the COSO ERM framework. Risk management is inherent
in the implementation of GCG as well as internal control mechanism within the
company.
Therefore, since 2008 we have established and developed:
Structural Aspects which include developing risk management vision, mission, commitment,
tone at the top, conducive internal environment, policy, competence development, IT tools and
systems.
Operational Aspects which include determination of Risk Acceptance Criteria, conducting risk
assessment and developing specific-functions risk management.
Maintenance Aspects which include monitoring risk management implementation, periodical
risk reporting report, safeguarding the continuity of competency development. Regularly
assessing the quality of implementation of risk management through Risk Management Index,
Risk Culture Survey and Risk Maturity Level.
25. ―An ounce of prevention is worth
a pound of cure.‖
- BF
26. ERM Framework – Road Map
2008
2010
2012
2015
Beyond
Developed Risk Management Implementation and Creating values
2009
2011
2013
2014
2016
• Restrukturissi
Kebijakan
• Risk Assessment
• Review Risiko Inisiatif
• Sosialisasi dan
internalisasi
• Risk Management
Information System
dan ISMS
terimplementasi
• Protap dan standar
perjanjian maupun
standar proses
penyelesaian
dokumen hukum dan
bantuan hukum
menjadi acuan baku
dalam setiap
pelaksanaan aktivitas
Legal Compliance
• Tersedianya Sistem
Informasi Legal
Compliance
• Peningkatan
kompetensi bidang
C&RM
• Implementasi
ketegasan pemberian
sanksi atas
pelanggaran service
level & kebijakan
• Memastikan adanya
suatu ukuran risiko
dalam setiap KPI suatu
unit
• Implementasi
Kejelasan reward &
punishment terkait
dengan pemenuhan
risk indicator/ rasio
yang ada
• Risk monitoring and
reporting system
terimplementasi
• Meningkatnya
pemahaman dan
kesadaran akan peran
hukum
• Sistim informasi
menjadi bagian dalam
setiap pelaksaan tugas
karyawan.
• Effisiensi ratio, loss
ratio, potensial risk ratio
menjadi salah satu KPI
utama dari ―enterprise-
wide‖
• Memastikan Risk
assessment dilakukan
pada setiap proses
bisnis, inisiatif kebijakan
maupun pengambilan
keputusan
• Memastikan tersedianya
informasi tepat waktu
tentang kondisi risiko
awal (Early warning
signal)
• Kepatuhan hukum
merupakan bagian
dalam setiap
pelaksanaan aktivitas
• Terlaksananya transaksi
perusahaan yang aman
dan terlindungi dari
aspek hukum.
• Adanya Nilai tambah
atas tiap produk /
inisiatif yang sdh
dilakukan risk
assessment
• Memastikan
Efektivitas mitigasi
plan risk control
• Perusahaan memiliki
sistim kontrol dari
aspek hukum yang
mampu mendeteksi
secara dini terjadinya
pelanggaran/permas
alahan .
• Implementasi
Governance Risk
Compliance +
Culture (GRC)
• Menjadi role model
pengelolaan risiko di
industri Telco
• Memastikan system
enterprise security
yang aman pada
seluruh system yang
ada dan zero
revenue leakage
(tidak ada
kebocoran)
• Terpenuhinya
kepatuhan hukum
atas setiap tindakan
Manajemen dalam
pengelolaan
perusahaan sesuai
dengan peraturan
internal dan external.
• Memastikan
pelaksanaan risk
management
berlangsung efektif
dalam setiap level
entitas perusahaan
• Memastikan
pelaksanaan risk
mangement pada
subsidiaries (Telkom
Group)
• Integrated risk
assessment untuk
operasional
(Security, IT, Asset,
Infrastruktur/network)
• Kepatuhan hukum
atas setiap tindakan
Manajemen terhadap
seluruh boundary
Governance
(Mandatory and
Voluntary)
• Penyusunan Konsep
GRC berbasis IT
• Eksploitasi data
berbasis risk
management dalam
pengambilan
keputusan
perusahaan berbasis
early warning
System
• Kolaborasi data Key
Risk dan Key
Performance dalam
penyusunan RKAP
• Integrated risk based
dalam management
system (IMS: BCMS,
ISMS, QMS)
• Fully Comply to all
boundary of
Governance
(Mandatory and
Voluntary)
• Scheme of GRC
berbasis IT
developing
• New Concept of Risk
Management
implemented coincide
with Organization Re-
structuring.
• Enhancement
Integrated risk based
dalam management
system (IMS: BCMS,
ISMS, QMS, dan IT-
SMS)
• Fully Comply to all
boundary of
Governance
(Mandatory and
Voluntary)
• IT system of GRC
• Early warning for
all system
management.
• Fully Integrated
risk based dalam
management
system (IMS:
BCMS, ISMS, QMS)
• Fully Comply to all
boundary of
Governance
(Mandatory and
Voluntary)
• IT system of GRC
run
27. ERM Framework – Telkom ERM activities
Telkom‘s ERM activities is done through:
1. Quarterly review and monitoring of unit
(and subsidiaries) risk management.
2. Preparation of regular quarterly Risk
and Compliance Analysis Reports.
3. Meetings to discuss corporate risks
through meetings at BoD as well as
BoC level.
4. Measurement of risk culture
implementation through internal
surveys conducted on a number of
respondents.
5. Measurement of risk management
maturity level (ERM Maturity Level).
The data to be considered:
1. Country-related risks such as
changes in politics, society, macro
economy and natural disasters.
2. Company-related risks (Operational,
Financial, Legal compliance,
Regulatory, Competition, Market,
etc.)
3. Any external and Internal change.
4. Governance requirement.
5. Interested parties requirement.
28. RKAP
2016
Risk
Profile
2016
RISK APPETITE 2015
Risk Profile 2015
Makro Ekonomi, Industri,
kompetisi, Teknologi,
Regulasi
Benchmark &
RiskAssessment
CSS 2016-2020
RKAP 2015
LM TW 1,2 2015
Draft CAM 2015
Masukan BOD
Risk Profile Unit
Memberikan indikasi
tingkat risiko dan prioritas
program mitigasi dalam
rangka menghindari risiko
gagalnya pencapaian
tujuan perusahaan
ERM Framework – Risk Based RKAP
29. ERM Framework – ERM Process
VISI & MISI
STRATEGIC OBJECTIVE
DIRECTIONAL -
Disruptive competitive
growth: Need to achieve
double digit growth by
2020.
PORTFOLIO - Customer
value through Digital
TIMES portfolio: More
focus on Digital
businesses.
PARENTING - Strategic
Control: More streamlined
control on subsidiaries
Corporate Strategy
10 Strategic Initiative
2016’s Corporate Risk
GBP/MPCAM 2016
RKAP
2016
RKM
Mitigation Plan
Corporate
Risk factor
2016-2020
Risk & Opportunity
Subsidiaries Business Unit Division
TopDownRiskAssessmentScheme
ButtomupRiskAssessmentScheme
30. ERM Framework – Risk Map
O4C3; O1 S1; C1
F1; F2;
F3
C2; S3;
S4
S2 O2
O3
Appetite
Likelihood
Impact
Very Low Low Medium High Very High
VeryLowLowMediumHighVeryHigh
VL L M H VH
Increased Foreign exchange
Increased Interest Rate
Fail in Managing Liquidity
F.1
F.2
F.3
S.1
S.2
S.3
S.4
Less/decline Product Competitiveness
Failure in M&As activities and Partnership
Failure to maximize technology as a
competitive value
Failure in Corporate University program
C.1
C.2
C.3
Regulatory Pressure and Impediments
Business dispute and litigation
Late submission of Financial Statements and Deficiency on
ICOFR
O.1
O.2
O.3
O.4
Failure in managing Information and Technology
Revenue Leakage
Business Interruption
Failure to max. Revenue Over Invested Capital expenditure
31. ERM Framework – Risk Radar
Less/decline Product
Competitiveness
Failure in managing Information
and Technology
Increase
d Forex
Business dispute and
litigation
Failure to maximize
technology as a
competitive value
Failure in Corporate University
program
Failure in M&As activities
and Partnership
Revenue Leakage
Regulatory Pressure and
Impediments
Business Interruption
Failure to Max. Rev.Over Invested Capex
Increased
Interest Rate
Fail in Managing
Liquidity
Late submission of
Financial Statements and
Deficiency on ICOFR
Increased Forex
Increased Interest Rate
Fail in Managing Liquidity
Strategic Risks Operation Risks
Financial RisksCompliance Risks
Less/decline Product
Competitiveness
Failure in M&As activities and
Partnership
Failure to maximize
technology as a competitive
value
Failure in Corporate
University program
Regulatory Pressure and
Impediments
Business dispute and
litigation
Late submission of Financial
Statements and Deficiency
on ICOFR
Failure in managing
Information and Technology
Revenue Leakage
Business Interruption
Failure to Maximize Revenue
Over Invested Capex
32. Dikonotasikan dengan langkah men-tansfer risiko kepada
pihak ketiga.
Misal: Outsourcing, Partnership, Insurance, etc.
Dalam hal ini, perusahaan berarti akan menerima risiko tersebut,
berdasarkan perhitungan bahwa di bawah appetite perusahaan.
Langkah ‗optimization‘ merupakan program yang diambil untuk
mengurangi severity yang ditimbulkan oleh potensi risiko yang ada
(self insured)
Menghindari terjadinya risiko , dipilih apabila suatu langkah (inisiatif,
mitigasi, rencana bisnis, dll) akan dilakukan dengan
mempertimbangkan potensi risiko.
ERM Framework – Risk Treatment
Commonly, there are 4 types of risk treatment could be taken:
Risk Transfer (Sharing Risk)
To move the exposure and its severity
(risks) through 3rd party.
Risk Accepted (Retention)
If cost beyond its risk (exposure).
Note: Cost > Risk
Risk Reduction (Limitation)
Optimization process of remedy, to reduce its
severity
Risk Avoidance (Elimination)
Escaping from any initiative, business plan,
etc. Considering the potential risks.
33. ERM Framework – Operational Risk Management in Telkom
Operation Risks
Failure in managing
Information and
Technology
Revenue Leakage
Business Interruption
Failure to Maximize
Revenue Over
Invested Capital
expenditure
High
Very High
Very High
Very High
Risk Level Risk Treatment
Mitigation
Key Risk
Indicators
Risk Dashboard
Reduce: Update Tech.
Transfer: Partnership
Reduce: Control, System
Update, Process update,
Customer check, etc.
Reduce: Asset protection,
Early warning system
security, BCMS,
Simulation/exercise.
Transfer: Outsources,
Insurance.
Reduce: Asset
Management, CAPEX-
tracking, Synergy, total
solution, product
management.
Applications and IT System
IT Security, Customer Base,
Big Data, Data Warehouse
System
Fraud, Transaction, No Bill
Bad debt
Network failure, human
error, downtime network,
SLG, SLA
Catastrophe; natural hazard,
earthquake, fire, lightning,
tsunami, etc.
ROA, ROI, Revenue, Cost,
Impairment Value, etc.
Asset Failure
Business Interruption
Revenue Leakage
34. If your User Interface even
vaguely resembles an
airplane cockpit, you‘re doing
it wrong.
— JOHN GRUBER
35. Take away
Beware of risk as a ‘black swan’ phenomena
It‘s a ‗weird‘ doing business with no risk
Risk is like fire: If controlled it will help you; if uncontrolled it will
rise up and destroy you.
Risk is about running the business, manage it!
If you only take small risks, you are only entitled to a small life
36. Implementasi ERM di TELKOM
Company‘ Objectives
1. Memastikan reliability Objectives Perusahaan.
2. Memberikan gambaran stepping/milestone pencapaian
Objectives yang terukur.
3. Memberikan alternatives dalam pencapaian Objectives.
4. Memperhitungkan alokasi resources dalam pencapaian
Objectives.
5. Mengantisipasi terhadap perkembangan yang berpengaruh pada
pencapaian Objectives.
6. Mengoptimalkan potensi dan kesempatan (Opportunities) dalam
pencapaian Objectives.
10 Strategic Initiatives:
1. Optimizing POTS and Strengthening Broadband
2. Consolidate& Grow FWA Business and Manage
Wireless Portfolio
3. Integrated Telkom Group Ecosystem Solutions
4. Invest in IT Services
5. Invest in Media & Edutainment Business
6. Invest in Wholesale and Strategic int’l Opportunities
7. Invest in Strategic domestic opportunities that
leverage the assets
8. IntegrateNGN & OBCE
9. Align Business Structure and Portfolio Management
10. Transforming Culture
Objectives v. Risk Management
STRATEGIC OBJECTIVE
Creating Superior Position by Strengthening The Legacy &
Growing New Wave
Businesses to Achieve 60% Of Industry Revenue in 2015
37. RISK BASED KRIs and KPIs – Company‘ Objectives
Menentukan ‘key business objectives’
berdasarkan strategi korporasi
Identifikasi Risiko-Risiko yang
berpengaruh terhadap pencapaian
objectives.
Menyusun Profil Risiko (a company-
wide risk profile)
Menentukan kriteria/level toleransi risiko
berdasarkan hasil assessment likelihood and
potential impact.
Menentukan alokasi rencana mitigasi (strategi
yang tepat), sumberdaya, dan akuntabilitas untuk
mengelola risiko.
Eksekusi strategi (mitigasi) dan
melakukan identifikasi KRIs dan KPIs
yang terukur secara financial dan
operational.
Monitoring progress untuk identifikasi potensi
peningkatan performansi (kinerja) dalam
pencapaianobjectives.
1
2
3
4
5
38. Business
Objectives
Event
Identification
Significant
Business
Issues
Control
Activities
Risk
Response
Risk
Assessment
Client Mission
Statement
Client Objectives
Business Unit
Objectives
Targets
Performance
Measures
Current Major Issues
Potential Future Events
Capture Process
Impacts Analyses
Response Management
Planning Process
Key Drivers
Dependencies
Performance
Management
Track Record
Completeness
Integration
SMART
Roles &
Responsibilities
Data Management
Issues Management
Integration with
Business Planning
Event Portfolio
Internal/External
Capture Process
Repository
Maintenance /
Refresh
Roles &
Responsibilities
Data Management
Event Management
Integration with
Business Planning
Risk Portfolio
Definitions
Categorizations
Assessment Criteria
Structure
Roles &
Responsibilities
Timing & Frequency
Expert Involvement
Consistency
Client Business
Process Model
Policies
Procedures
Response Portfolio
Definitions
Decision Drivers
Decision Criteria
Process
Completeness
Communications
Training
Roles & Responsibilities
Monitoring Effectiveness
Process
Roles &
Responsibilities
Decision Protocols
Reporting
Timing
Review Areas Review AreasReview AreasReview AreasReview AreasReview Areas
Focus FocusFocusFocusFocusFocus
RISK BASED KRIs and KPIs – Company‘ Objectives
Managing Business Risk within your organization
39. RISK BASED KRIs and KPIs – Company‘ Objectives – cont.‘
1. Management mengetahui secara dini potensi tidak tercapainya
target/objective perusahan karena perkembangan risiko.
2. Management dapat menyusun program mitigasi yang efektif untuk
mengantisipasi perkembangan risiko.
Dengan demikian Objective Perusahaan apabila dikelola tanpa
memperhatikansistem manajemen risiko (ERM), alignment dengan
isu strategis, arah perkembangan bisnis, dan kondisi operasional, maka sistem
tersebut akan kehilangan pijakan dalam operasional perusahaan. Sehingga,
diperlukan penghubung sebagai alat navigasi dan kontrolnya, dalam hal ini
sistem manajemen risiko yang didasarkan pada KRIs dan KPIs.
agar:
40. RISK BASED KRIs and KPIs – Risk Identification
Identifikasi Risiko,
Adalah proses untuk menemukenali segala kemungkinan (kejadian) yang muncul dalam
suatu aktivitas usaha yang berhubungan dengan objective perusahaan.
Identifikasi risiko secara akurat dan menyeluruh menjadi sangat vital dalam suatu
manajemen risiko.
Salah satu aspek penting dalam identifikasi risiko adalah melakukan pencatatan (me-
register) risiko-risiko yang mungkin terjadi sebanyak mungkin.
Dalam Framework COSO, dilakukan pem-bedaan antara Risiko dan Peluang,
dimana kemungkinan (kejadian) yang berdampak negatif disebut Risiko, sedangkan
Peluang merupakan kemungkinan (kejadian) yang dapat berdampak positif (natural
offsets/opportunities) yang mendukung strategi dalam pencapaian objectives.
41. RISK BASED KRIs and KPIs – Risk Identification…The Technique
Dengan melakukan identifikasi risiko, akan diperoleh sekumpulan informasi
tentang kejadian risiko, informasi mengenai penyebab risiko, bahkan informasi
mengenai dampak apa saja yang bisa ditimbulkan oleh risiko tersebut. Teknik-
teknik yang dapat digunakan dalam melakukan identifikasi risiko antara lain:
Benchmark
Professional Judgement (Pendapat Para Ahli di Bidangnya)
Wawancara, Survey (Pengamatan)
Informasi historis (analysis data historis)
Kelompok kerja (Brainstorming)
dll.
42. RISK BASED KRIs and KPIs – Risk Identification…The Technique Cont.‘
Benchmark
Mencari informasi tentang risiko di tempat atau perusahaan lain yang memiliki
kesamaan pada tataran tertentu. (eg. Kesamaan pasar, portofolio bisnis, industri, dlsb.)
Data hasil benchmark harus disesuaikan dengan kondisi aktual yang terjadi dan dihadapi
langsung oleh perusahaan.
Contoh:
– dari berita di media massa, atau internet, dapat diketahui bahwa tingkat kejadian bencana
alam di Indonesia memiliki peluang yang sangat tinggi. Hal ini menunjukkan, bahwa secara
umum risiko Business Interruption akibat bencana alam sangat besar.
– Harga minyak dunia naik?......
– Suku bunga perbankan di US turun?.....
– Harga tiket pesawat naik?.....
43. RISK BASED KRIs and KPIs – Risk Identification…The Technique Cont.‘
Professional Judgment (Pendapat Para Ahli di Bidangnya)
Mencari informasi dari ahli di bidang risiko tertentu, terkait risiko yang
berpengaruh terhadap suatu objective perusahaan
Contoh:
Dari bertanya pada bankir, dapat diketahui bahwa ketidak-stabilan
kondisi ekonomi di US memiliki risiko pada Foreign Exchange terkait
transaksi yang menggunakan mata uang asing (US Dollar)
Dari bertanya pada dokter, dapat diketahui bahwa orang dengan
tingkat kolesterol tinggi berisiko kena penyakit jantung
44. RISK BASED KRIs and KPIs – Risk Identification…The Technique Cont.‘
Pengamatan/Survey
Melakukan investigasi atau pencarian data langsung di tempat kejadian dengan
mengajukan kuesioner atau wawancara (data primer)
Contoh:
Dengan melakukan CSLS (Cust. Loyalty and Satisfaction Survey), dapat
diketahui bahwa tingkat kepuasan yang rendah akan berisiko pada
churn pelanggan
Dengan mengamati proses produksi dan availabilitas dari catu daya
PLN, dapat diketahui bahwa perusahaan menghadapi risiko lampu
mati (Interruptable Power Supply)
Validitas data sekunder?.....
45. RISK BASED KRIs and KPIs – Risk Identification…The Technique Cont.‘
Analisis Data Historis
• Menggunakan berbagai informasi dan data yang tersedia dalam perusahaan mengenai segala
sesuatu yang pernah terjadi
• Biasanya data historis harus menggunakan lebih dari satu periode kebelakang agar prediksi
risiko dapat lebih akurat
• Contoh:
Dari data historis kepegawaian, dapat diketahui bahwa perusahaan menghadapi
risiko kehilangan karyawan yang penting
Dari data historis keuangan, dapat diketahui risiko penurunan growth revenue
Dari data historis market, dapat diketahui risiko tingkat kompetisi dalam suatu
industri
46. RISK BASED KRIs and KPIs – Risk Identification…The Technique Cont.‘
Kelompok Kerja (Brainstorming)
Menggunakan berbagai informasi dan data, dilakukan diskusi creative thinking
(brainstorming) oleh tim manajemen risiko untuk menemukenali potensi risiko
dari suatu objective
Creative thinking yang sukses, biasanya menghasilkan suatu rumusan risiko yang
tepat dari suatu objective
Contoh:
Dari data global market, dilakukan brainstorming sehingga dapat
diketahui bahwa terkait objective perusahaan untuk ‘invest
broadband’ akan menghadapi risiko; teknologi dan kompetisi,
country risk factors, etc.
47. Alignment Process
Dengan demikian, alignment antara KRIs dan KPIs sangat signifikan untuk dilakukan agar
pencapaian objective dapat terlaksana.
Proses Alignment KRIs dan KPIs:
Identify
risks
Quantify
risk
Identify
Actions
required
Monitor
Performance
Monitor
Changes
(internal/
external)
Update
objectives
Agree
Acceptable
Risk levels
Identify
risk related
Actions
Agree
Strategic
objectives
Risk Management
PerformanceManagement
RISK BASED KRIs and KPIs – Alignment KPIs and KRIs
48. RISK BASED KRIs and KPIs – Defining Key Risk Indicators
Key Risk Indicator (KRIs), adalah faktor-faktor kunci dari suatu risiko yang digunakan dalam proses
manajemen untuk menentukan tingkat risiko pada suatu aktifitas usaha. Merupakan indikator dari
kemungkinan dampak negative dimasa yang akan datang (the possibility of future adverse impact).
KRIs memberikan suatu sinyal/tanda ‘Early Warning’ bagi manajemen untuk identifikasi kejadian yang
berpotensi menghambat suatu program/aktifitas.
Biasanya ukuran ini disajikan berupa data statistik atau matriks tertentu dengan formula atau model
tertentu yang menyediakan informasi terkait posisi dari suatu risiko yang dihadapi oleh perusahaan.
KRIs berbeda dengan Key Performance Indicators (KPIs), dimana KPIs dimaksudkan sebagai ukuran
kesuksesan/keberhasilan dari suatu program kerja (aktifitas usaha terkait objectives).
Definisi
49. Key Risk Indicator (KRIs), pada dasarnya dapat dikelompokan ke dalam 4 (empat) kategori:
Coincident indicators, ukuran yang mewakili kegagalan yang terjadi secara bersamaan pada proses
bisnis internal. Misal, kegagalan penyelesaian proyek pengadaan/investasi yang secara bersamaan
berisiko pada kegagalan pengembangan produk berbasis teknologi.
Causal indicators, Ukuran kegagalan yang berasal dari turunan kegagalan suatu kejadian (root causes
event). Misal, risiko kegagalan teknologi yang menyebabkan terjadinya risiko churn pelanggan.
Control effectiveness indicators, merupakan ukuran tingkat kegagalan yang berasal dari proses
monitoring performansi. Misal, prosentase kenaikan ARPU pelanggan Flexi.
Volume indicators (Inherent Risk Indicators) biasanya disamakan dengan KPIs, yang dapat
menentukan posisi peluang kejadian dan dampak dari suatu risiko (indikator ini biasanya ber-korelasi
dengan risiko lainnya). Misal, Jumlah pelanggan, Kapasitas bandwidth, dll.
Pengelompokan KRIs
RISK BASED KRIs and KPIs – Defining Key Risk Indicators…cont.‘
50. RISK BASED KRIs and KPIs – Defining Key Risk Indicators…cont.‘
Metode Menentukan KRIs
Untuk dapat menentukan KRIs secara tepat dan efektif dapat menggunakan beberapa
pendekatan. Salah satu pendekatan yang efektif dan terstruktur dengan baik adalah dengan
menggunakan 6 langkah (berhubungan dengan 6-sigma tools):
1. Identify existing metrics.
2. Assess gaps.
3. Improve metrics.
4. Validate and determine trigger levels.
5. Design dashboard.
6. Establish control plan.
Ke-enam langkah tersebut merupakan salah satu pendekatan yang dapat diterapkan untuk
menentukan KRIs, mulai dari proses melakukan Identifikasi KRIs, Validasi, dan meng-
implementasikannya kedalam Early Warning pada segala macam bisnis model.
51. 1. Identify existing metrics.
Untuk menentukan KRIs, langkah pertama yang harus ditempuh adalah dengan Risk Assessment sehingga semua kejadian
(events) dapat di-identifikasi, di-assess, dan di-kelompokan bersama sesuai dengan kriteria tertentu yang dapat di monitor
dan di-analisa berdasarkan root-causes (analisa sebab-akibat). Tools yang dapat digunakan misalnya, diagram tulang ikan, dll.
Biasanya dalam menentukan KRIs, kejadian penting yang berpengaruh langsung terhadap risiko (inherent risk) maupun
residual risk di-identifikasi
Langkah selanjutnya adalah menentukan metric (calon KRIs) bagi masing-masing kejadian yang ber-risiko tinggi (high risk
potensial events)
Dalam menentukan kRIs, semakin banyak ukuran kejadian (metric) yang mempengaruhi suatu risiko, maka semakin efektif
KRIs dalam memberikan gambaran potensi risiko
Common practice, biasanya untuk penentuan KRIs yang efektif, suatu risiko terdiri atas 5 sampai 10 metric potensial KRIs dan
mengandung minimal 1 atau lebih kategori KRIs (type—coincident, causal, control, and volume).
Contoh:
Menentukan risiko pada operasional call-center.
Risiko yang ter-identifikasi adalah: Pelanggan tidak tertanggani secara profesional dan tidak akuratnya informasi
pelanggan
RISK BASED KRIs and KPIs – Defining Key Risk Indicators…cont.‘
52. 2. Assess gaps.
Setelah proses inventory seluruh potensi KRIs selesai, langkah berikut adalah melakukan evaluasi kelayakan
dan efektifitas tiap-tiap indicators (metric). Terdapat 2 (dua) tools yang digunakan:
the gap assessment
the design matrix
Gap Assessment akan
memberikan gambaran,
apakah indicators (metrics)
dalam inventory akan efektif
untuk dijadikan KRIs.
Dimana, ukuran yang
digunakan adalah
berdasarkan composite
score tabel, biasanya score
diatas 4 merupakan syarat
cukup untuk dijadikan KRIs.
RISK BASED KRIs and KPIs – Defining Key Risk Indicators…cont.‘
53. RISK BASED KRIs and KPIs – Defining Key Risk Indicators…cont.‘
Digunakan scoring kriteria 0-1-3-9. Dengan
menggunakan design matrix, maka tiap-
tiap indikator yang mendapat score 9 akan
mendapat rating Y.
Dengan memperhatikan 2 tools ini, dapat
ditentukan indicators (metrics) yang layak
dan efektif untuk dijadikan KRIs.
Design Matrix merupakan tabel matrik berbasis 6-sigma, dimana akan dilihat keterkaitan Risk Events Driver
(RED)dengan indicators yang terdapat dalam inventory. RED merupakan root-causes yang berpengaruh pada
munculnya kejadian (indicators). Masing-masing RED diberi pembobotan sesuai dengan prosentase
kontribusi.
54. RISK BASED KRIs and KPIs – Defining Key Risk Indicators…cont.‘
3. Improve metrics.
Proses ‘improve metric’ dilakukan dengan cara membandingkan hasil assessment dari 2 (dua) tools gap dan design
matrix. Proses komparasi dilakukan dengan cara:
Analisa indicators di design matrix yang mempunyai score ‘9’ , namun mendapat score rendah di gap
assessment. Apabila scoring rendah tersebut dapat dicarikan solusi atau justifikasinya, maka indicators tersebut
dapat dipertimbangkan untuk dijadikan KRIs.
Analisa berikutnya dilakukan pada indicators yang mendapat score tinggi di gap assessment, namun tidak
mendapat ‘9’di design matrix. Apabila terdapat modifikasi yang berpengaruh pada peningkatan rating di design
matrix dan signifikan, maka indicators tersebut juga dapat dijadikan alternative KRIs. Pada tahap ini,
dimungkinkan untuk dilakukan modifikasi pada potensial KRIs (indicators).
Langkah ini ditutup dengan menghapus seluruh indicators yang tidak mempunyai relasi yang cukup dari
penilaian ke-dua tools tabel.
55. RISK BASED KRIs and KPIs – Defining Key Risk Indicators…cont.‘
4. Validation and trigger-level identification.
Langkah sebelumnya biasanya menggunakan ‘subjective judgment’ untuk meng-assess relasi antara the risk-
event drivers dan the metrics. Untuk indicators dimana relasi antara ‘the risk-event drivers dan the metrics’
dapat dinyatakan secara wajar (dalam tataran operasional –self evident), maka validasi tidak perlu dilakukan.
Namun bila terdapat Metric baru (lihat
langkah 3-modifikasi metric), maka
diperlukan proses validasi untuk
memastikan bahwa metric tersebut
adalah KRIs.
Validasi, umumnya menggunakan data
historis, bila tidak tersedia maka dapat
dilakukan asumsi yang sesuai untuk
menggambarkan korelasi antara ‘the risk-
event drivers dan the metrics hasil
modifikasi’ sehingga didapat trigger level
identifikasi. (lihat contoh disamping)
56. RISK BASED KRIs and KPIs – Defining Key Risk Indicators…cont.‘
5. Dashboard design.
Sebagai bagian dalam penentuan KRIs yang layak dan efektif untuk memberikan gambaran perkembangan risiko, maka
‘dashboard’ merupakan bagian yang sangat penting bagi business managers, process owners, and senior management.
Dashboard adalah bagian dalam proses mamajemen risiko dan bermanfaat dalam ‘monthly business review’, dan meeting-
meeting lainnya terkait pencapaian objective perusahaan.
Dashboard biasanya menggunakan gambar grafik dan tabel yang menunjukkan informasi yang tepat dan komprehensif terkait
kondisi risiko perusahaan dan KRIs yang menjadi konsen manajemen.
57. RISK BASED KRIs and KPIs – Defining Key Risk Indicators…cont.‘
6. Control plan and escalation criteria.
Fungsi utama dari ‘Control plan’ adalah memastikan tersedianya kriteria eskalasi (‘escalation criteria and
roles ‘) untuk intervensi terhadap KRIs yang telah disepakati. Sehingga, siapa-pun, dan kapan-pun dilakukan
treatment terhadap KRIs yang berpengaruh terhadap Objective perusahaan tidak menimbulkan efek
perubahan baik proses dan prosedur yang telah ditetapkan diawal.
Umumnya, ‘control plan’ berisi: the KRI metric, the measurement frequency, a description of the
measurement system, goals, trigger levels, escalation criteria, dan the owner for the escalation criteria.
(sebagaimana terlihat pada contoh tabel dibawah).
58. RISK BASED KRIs and KPIs – Defining Key Risk Indicators…cont.‘
Siap jual
Eks cabutan
Repair
Potensi Eksisting
Deployment
Sales
Churn
Net Add &
ARPU
Qualitas produk kurang baik
Layanan purna jual kurang baik
Harga tidak competitif
Usage
Price
Tariff
Gimmick
Tunggakan
Aps
Cabut Manajemen
Omset
Competitor
Voice
Data
SMS
Demand
Pnetrasi
59. RISK BASED KRIs and KPIs – Structuring Vision-Mission - KRIs
Vision - Mision
STRATEGIC OBJECTIVE
Creating Superior Position by Strengthening The Legacy & Growing New Wave
Businesses to Achieve 60% Of Industry Revenue in 2015
Corporate’ 10-StrategyInitiatives
Significant Risks
Notable Significant Risks
Deployment
Thru
Risk Identification & Assessment
Risk Relate to Performance
Financial RiskStrategic Risk Operational Risk
Business Growth Revenue Leakage
Business Interruption
Forex
Interest Rate
Liquidity
Cost Eff. & Effect.
Control Eff. & Effect .Co-Incident Indicators Causal Indicators Volume Indicators
Key Risk Indicators
60. RISK BASED KRIs and KPIs – Defining Dashboard
Business Growth
Business Growth
Early Warning SystemRISKS RISK MAP/LEVEL
KEY RISK
INDICATORs
Business Growth
Strategic Risks
Financial Risks
Operational Risks
Market Risks
Minutes of usage
# LIS Current
# LIS Churn
Tariff
FlexiFlexiFlexiFlexiSpeedy
TLKM’ Products
Data
Ware-house
TLKM’ Existing
Applications
TiBs TREMs TiCAREs
External Info.Internal Sources
PTA1 = f [KRI1,KRI2, …,KRIn]
if, for instance
f (x) = KRI1 x (KRI2 - KRI3)
KRI1
KRI2
KRI3
S1
Appetite
S1
S1
S1
S1
Dynamic MAP Indicators
61. Level of Maturity and Its Measurement
Telkom‘s Perspective
Public Relation
Compliance
Protection
Optimization
Value Creation
Risk Maturity Graph
Level Maturity
Excellent Strong Adequate Weak Weak [Nonexistent]
Level 5: Level 4: Level 3: Level 2: Level 1: Nonexistent
Leadership Managed Repeatable Initial Ad hoc
Excellent
Advanced capabilities to identify, measure, manage all risk exposures within tolerances
Advanced implementation, development and execution of ERM parameters
Consistently optimizes risk adjusted returns throughout the organization
Strong
Clear vision of risk tolerance and overall risk profile
Risk Control exceeds adequate for most major risks
Has robust processes to identify and prepare for emerging risks
Incorporates risk management and decision making to optimize risk adjusted returns
Adequate
Has fully functioning control systems in place for all of their major risks
May lack a robust process for identifying and preparing for emerging risks
Performing good classical “silo” based risk management
Not fully developed process to optimize risk adjusted returns.
Weak
Incomplete control process for one or more major risks
Inconsistent or limited capabilities to identify, measure or manage major risk exposures
Standard & Poor’s
ERM Quality Classifications
Where does your
organization been
stood?
62. MATURITY LEVEL – Revenue Assurance Framework
1
2
3
4
5
Dependent
Repeatable
Defined
Managed
Optimizing
Ad-hoc, chaotic.
Dependent on
individual heroic.
Basic Project/
Process
management.
Repeatable tasks.
Standardized
approach
developed.
Designing-in
control
commences.
Leakage
quantitatively
understood and
controlled.
Continuous
improvement via
feedback.
Decentralized
ownership,
holistic control.
63. MATURITY LEVEL – ERM Maturity Methodology
Tahapan dari ERM maturity assessment adalah sebagai berikut:
64. MATURITY LEVEL – ERM Maturity Methodology
Model dari ERM maturity assessment adalah terdiri dari 3 komponen penilaian
sebagai berikut:
65. MATURITY LEVEL – ERM Maturity Methodology
Berdasarkan riset/kaji pustaka dan kasus-kasus internasional serta interaksi mendalam
dengan sejumlah besar perusahaan di Indonesia baik dalam konsultasi maupun kegiatan
pengembangan kompetensi, dikembangkan sebuah model untuk mengukur tingkat
maturitas implementasi ERM di sebuah perusahaan, dengan model sebagai berikut:
66. MATURITY LEVEL – ERM Maturity Methodology
Ad hoc level: No ERM policy. ERM is a compliance issue and implemented by a so called
risk management team or persons. Commitment of corporate board, executive, and
management arelacking.
Basic level : ERM policy and structure. Risk assessment is conducted by some units of the
entity. Silo and fragmented approach. Commitment of corporate board, executive, and
management are weak.
Defined level : ERM is conducted through out the entity. Risk data is available but limited.
Qualitative and some degree of quantitative approaches to risk assessment. Risk management
is reported regularly. Commitment of corporate board, executive, and management are normally
strong.
Quantified level : Extensive use of internal and external data for risk quantification. Utilising
quantitative methods in analysing risks. Confidence level towards risk management results is
strong and high. Commitment of corporate board, executive, and management are very strong.
Optimised level : All decisions are risk based, risk-adjusted performance measures. Risk
optimisation to achieve strategic competitiveness. Commitment of corporate board, executive,
and management are extremely strong.
67. MATURITY LEVEL – ERM Maturity - Result
Total, Korporat dan Unit - Maturity Assessment Score
68. Ad hoc level: No ERM policy. ERM is a compliance issue and implemented by a so called
risk management team or persons. Commitment of corporate board, executive, and
management arelacking.
Basic level : ERM policy and structure. Risk assessment is conducted by some units of the
entity. Silo and fragmented approach. Commitment of corporate board, executive, and
management are weak.
Defined level : ERM is conducted through out the entity. Risk data is available but limited.
Qualitative and some degree of quantitative approaches to risk assessment. Risk management
is reported regularly. Commitment of corporate board, executive, and management are normally
strong.
Quantified level : Extensive use of internal and external data for risk quantification. Utilising
quantitative methods in analysing risks. Confidence level towards risk management results is
strong and high. Commitment of corporate board, executive, and management are very strong.
Optimised level : All decisions are risk based, risk-adjusted performance measures. Risk
optimisation to achieve strategic competitiveness. Commitment of corporate board, executive,
and management are extremely strong.
Total - Maturity Assessment Level
MATURITY LEVEL – ERM Maturity - Result