Uploaded byDiane Christina
Sharing Practice on Enterprise Risk Management (ERM)
The document discusses enterprise risk management (ERM). It provides an example ERM universe that includes strategic risks, physical assets risks, human factors risks, and financial risks. It also discusses some key aspects of effective ERM implementation, including establishing a risk governance framework, developing a risk management infrastructure, and following a risk management process of identifying, assessing, managing, and monitoring risks. The document is intended to share practices on ERM.
In this document
Powered by AI
Introduction to ERM with an overview by Diane Christina Magister Manajemen UNPAR, 2009.
ERM Universe includes Mergers & Acquisitions, Innovations, Business transformation, and risks like equipment failure and infrastructure.
Case studies highlighting strategic risks like PLN’s electricity failure and Garuda Airlines debt restructuring in various industries.
Introduction to prerequisites required for setting up effective ERM processes.
The importance of establishing a Risk Governance Framework, including risk management policies, awareness, and definitions.
Defining Risk Appetite (qualitative) vs. Risk Tolerance (quantitative) with examples illustrating loss thresholds.
Diagram illustrating varying levels of risk appetite and tolerance for achieving business outcomes.
Developing a strong operational infrastructure for risk management, including methodology, technology, and procedures.
Illustrative examples from iRisQ demonstrating structure and format of risk management reporting.
Description of key steps in risk management including identification, assessment, treatment, and monitoring.
An overview of how to implement an Enterprise Risk Management framework effectively.
A detailed roadmap outlining the steps and components necessary for successful ERM implementation.
Identifying external risks and contextualizing them as opportunities or threats in risk management.
Framework for evaluating business risks based on likelihood and consequences, detailed with numerical ranges.
Assessment of potential consequences arising from various risk scenarios.
Evaluating the likelihood of different risks occurring and its potential impact.
Detailed risk description, inherent risk evaluation, controls in place, and assessment of residual risks.
Visual matrix illustrating categorization of inherent and residual risks along with consequence severity.
Invitation for further inquiries on risk management via providing an email contact.
More Related Content
Similar to Sharing Practice on Enterprise Risk Management (ERM)
Sharing Practice on Enterprise Risk Management (ERM)
- 1. Sharing Practices onERM By Diane Christina @ Magister Manajemen UNPAR, 2009 . Diane Christina . © DC, 2009
- 2. ERM Universe - the example ò Mergers & acquisition ò Innovation program PLANS ò Business transformation ò Go Public / IPO PHYSICAL Strategic Risks ASSETS FINANCES ò equipment failure ò infrastructure Technical Operational Commercial Financial ò natural perils Risks Risks Risks Controls ò treasury Risks ò accounting ò systems ò fraud ò suppliers HUMAN Error ò customers ò government RELATIONSHIPS FACTORS ò safety ò ò health ò stakeholder ò selection ò third parties ò skills ò competitors [email protected] © DC, 2009
- 3. Lesson Learned - Published Information Source: Kompas Online Semen Gresik Source: CSIS Online 22 May 2006 Vs 31 March 2005 Cemex PLN’s electricity Strategic Risks failure Jamsostek bad Investment on Commercial Paper Technical Operational Commercial Financial Risk Risks Risks Controls Risks Source: Harian Bisnis Indonesia, 06 July 2006 PT Kereta Api Garuda Airlines Train Crash high Debts restructuring frequency Source: Kompas Online Source: Tempo Interaktif 14 November 2003 07 Dec 2005 [email protected] © DC, 2009
- 5. Pre-requisite of EffectiveERM [email protected] © DC, 2009
- 6. Risk Governance Framework Laying down the foundation… Risk Management Awareness & Culture Risk Governance Framework Risk Language Definition of Risks Risk Philosophy Basic attitude towards risk, should be aligned with Vision & Mission and Business Strategy. Risk Management Risk Tolerance/Appetite Policies Risk Management The level of risk the company is willing to Organization & Functions accept in order to achieve its Business Strategy.The desired Risk Profile of the Enterprise [email protected] © DC, 2009
- 7. Risk Tolerance vsRisk Appetite A company that says that it is does not accept risks that could result in a significant loss of its revenue base is expressing appetite A company says that it does not wish to accept risks that would cause revenue from its top-10 customers to decline by more than 10% it is expressing tolerance They seem to view Risk Appetite as being primarily qualitative and Risk Tolerance as quantitative [email protected] © DC, 2009
- 8. Risk Appetite &Tolerance – illustration Besar Sagat T T E E E 5 Besar 5 10 15 20 25 4 M T T E E Probabilitas 4 8 12 16 20 Sedang R M T E E 3 3 6 9 12 15 Kecil R R M T E 2 2 4 6 8 10 Risk tolerance Sangat R R M T T Kecil 1 1 2 3 4 5 1 2 3 4 5 Tidak Agak Berat Sangat Malapetaka Berat Berat Berat [email protected] Akibat © DC, 2009
- 9. Risk Management Infrastructure Developthe laying Infrastructure Methodology Risk Governance Infrastructure Technology & Tools Procedures Reports [email protected] © DC, 2009
- 10. Sample of RMReport [email protected] © DC, 2009
- 11. Sample of RMReport Source: iRisQ – Enterprise Risk Management System [email protected] © DC, 2009
- 12. Source: iRisQ –Enterprise Risk Management System Sample of RM Report [email protected] © DC, 2009
- 13. Risk Management Process Monitor & Identify Identify Monitor Report Map Risk Manage Measure & Assess Treatment Evaluate [email protected] © DC, 2009
- 14.
- 15. ERM Implementation: RoadMap Corporate Vision, Mission, Corporate Risk Objectives, and Strategy & Appetite/ Validation / Strategies Tolerance Continuous Reassessment Improvement Boards’ Briefing Risk Control Assessment Framework Project Risk Management Awareness Program Enterprise Risk Assessment Financial Risk Assessment Risk Manual - Policy - Procedures Business Process Improvement Strategic Risk Management Preliminary Risk Assessment Risk Manual - Policy - Procedures Risk Management Maturity Assessment Risk Management Governance & Infrastructure GETTING RIGHT AT THE BEGINNING © DC, 2009
- 16. Risk Management inPractice -Setting the context External Events 1 2 3 = opportunity = threats Base Objective Residual Risks 1 2 3 Control Inherent Risks 1 2 3 Process P1 P2 P3 P4 [email protected] © DC, 2009
- 17. Risk Management inPractice - Determine the criteria Likelihood 1 Year Consequence Earning Almost Never 0 – 20 % Minor 0 – 37 Billion Unlikely 21 – 40 % Moderate 38 – 74 Billion Possible 41 – 60 % Severe 75 – 111 Billion Likely 61 – 80 % Major 112 – 149 Billion Almost Certain 81 – 100 % Catastrophic > 150 Billion [email protected] © DC, 2009
- 18. The Risk UnitMeasurement - The Consequence of Risk [email protected] © DC, 2009
- 19. The Risk UnitMeasurement - The Likelihood of Risk [email protected] © DC, 2009
- 20. Table of Riskand Mitigation - illustration of certain Investment No Risk Description Inherent Risk Control Residual Risk Remark C L C L 2.1. Delay of FC against 5 5 - lobby 5 4 - lobby commercial operation - equity - equity 2.2. Concession is with- 5 5 - lobby 5 3 - lobby drawn by government 2.3. Forex loss if US$ 5 3 Contract addendum, back-to-back 1 1 Contract > Rp 9.200,-/US$ with supplier/contractor Addendum 2.4. Shortfall of assumption 5 3 Insurance - only for debt-cost-service 5 2 Update Early warning system, & campaign regularly 2.5. Delay Start-Up (DSU) 5 5 Insurance - only for debt-cost-service 5 4 Update Tight project management regularly 2.6. Interest expenses 5 3 Tight control over Cash-Flow whilst 3 2 Financial fluctuation - no hedge at the same time seeking a Risk possibility of hedging. Mgt 2.7. Cost Over - Run 5 3 Tight Financial Management and 4 2 Financial Cash-Flow control throughout the Risk commercial operation Mgt 2.8. Equity Participation 5 3 Confirmation of Equity participation 2 2 BoC and is not as expected to be made as early as possible, BoD in early 2008 [email protected] © DC, 2009
- 21. The Risk Matrix - Inherent - Residual – Treated - certain Contoh Profil Risiko: Almost 3 4 5 1 1 1. Analisa dan evaluasi kinerja 5 10 15 20 25 keuangan tidak akurat (Akuntansi) Likely 3 4 2 2 2. Terjadinya double 4 pembayaran pajak pada 4 8 12 5 16 20 saat melakukan pembelian Likelihood atau pengadaan barang dari Unlikely Possible importir 3 5 (Pengadaan) 3 6 9 12 15 3. Evaluasi Biaya Umum Kantor Pusat tidak tepat waktu (Akuntansi) 2 1 5 2 4 6 8 10 4. Terjadinya biaya penumpukan material impor (demurage) Almost 4 2 3 never (Pengadaan) 1 1 5 5. Terjadi kegagalan tahapan 2 3 4 financial closed dari masing- 1 2 3 4 5 masing pihak yang berperan dalam pendanaan proyek investasi Minor Moderate Severe Major Catastrophic (Pengembangan Bisnis) [email protected] Consequence © DC, 2009
- 22. Need more informationabout your risk management, drop your email to: [email protected]