3. RISK ASSESSMENT
ERM PROCESS
Agree on ERM Context
Communicate
and Result
Conduct Risk Assessment
• Risk Identification
• Risk Analysis
• Risk Evaluation
Determine Risk Treatment
Monitor
ERM Process
4. Agree on ERM Context
• Establishing the context and defines the context as ‘defining
external & internal parameters to be taken into account when
managing risk, and setting the scope and risk criteria for the risk
management policy’.
• To make sure everyone involved in conducting risk assessment
understands the context and risk criteria (risk capacity, risk
attitude, risk appetite statements, and risk tolerance levels)
• Agree on model or type of Risk Map, the most common ones Impact and Likelihood.
9. • KONTEKS EKSTERNAL
– Analisis stakeholders
– Kepentingan, sasaran, dan
pengaruh
• KONTEKS INTERNAL
– Dokumen organisasi
– Analisis proses bisnis
– Pengaruh faktor internal:
keuangan, operasional,
teknologi, dsb.
• KONTEKS PROSES
– Harus jelas sasaran dan
parameter digunakan.
– Mulai identifikasi hingga
respon risiko
– Pemilahan kegiatan proses
bisnis
• PENGEMBANGAN
KRITERIA
– Kemungkinan - dampak risiko
– Level/tingkatan risiko
– Risk appetite
12. PROSES PEMBELAJARAN DAN ANALISIS
DETEKSI LINGKUNGAN INTERNAL DAN EKSTERNAL
MEMASTIKAN EFEKTIFITAS PENGENDALIAN DAN
RESPON RISIKO
IDENTIFIKASI RISIKO-RISIKO BARU