Operational Risk Analysis in Department of Enterprise Risk Management of PT. XYZ Based on ISO 31000: 2018 Framework

Purpose There are two main industry-sanctioned enterprise risk management (ERM) models, that is, COSO 2004 and ISO 31000:2009, that firms refer to when implementing ERM programs. Taken together, the two ERM models specify that firms should implement ERM programs to meet a strategic need, improve operations and reporting or to comply with government regulations or industry best practices. In addition, the focus of ERM implementation should be either the subsidiary, business unit, division, firm/entity or global level. The purpose of this study is to investigate whether firms are aligning their ERM implementations with these tenets: strategy, operations, reporting, compliance and the level of implementation. Design/methodology/approach The proxy for ERM implementation is the hiring of a Chief Risk Officer (CRO). The research data come from a sample of 122 US firms that issued a press release following the hiring of a CRO between 2010 and 2014. The press releases were retrieved and aggregated through content analysis in LexisNexis Academic. Findings The results reveal that many ERM implementations are occurring at the firm/entity level, and with the exception of reporting, firms consider ERM to be a strategic firm resource capable of improving business operations and compliance initiatives. Originality/value There is a dearth of research studies specifically investigating whether ERM programs adopted by firms are aligned with the specification of COSO 2004 and ISO 31000:2009 frameworks. The apparent lack of a clear understanding of the alignment between the firm ERM programs and the industry’s ERM frameworks may limit the development and implementation of ERM and the eventual realization of the benefits associated with a successful ERM implementation.

Download Full-text

How Can Enterprise Risk Management Help in Evaluating the Operational Risks for a Telecommunications Company?

Journal of Risk and Financial Management ◽

10.3390/jrfm14030139 ◽

2021 ◽

Vol 14 (3) ◽

pp. 139

Author(s):

José Ruiz-Canela López

Keyword(s):

Risk Management ◽

Banking Sector ◽

Operational Risk ◽

Field Work ◽

Risk Identification ◽

Enterprise Risk Management ◽

Management Tool ◽

Self Assessment ◽

Operational Risks ◽

Enterprise Risk

Operational risk is defined as the potential losses resulting from events caused by inadequate or failed processes, people, equipment, and systems or from external events. One of the most important challenges for the management of the company is to improve its results through its operational risk identification and evaluation. Most of Enterprise Risk Management (ERM) scholarship has roots in the finance/risk management and insurance (RMI) discipline, mainly in the banking sector. This study proposes an innovative operational risk assessment methodology (OpRAM), to evaluate operational risks focused on telecommunications companies (TELCOs), on the basis of an operational risk self-assessment (OpRSA) process and method. The OpRSA process evaluates operational risks through a quantitative analysis of estimates which inputs are the economic impact and the probability of occurrence of events. The OpRSA method is the “engine” for calculating the economic risk impact, applying actuarial techniques, which allow estimation of unexpected losses and expected losses distributions in a TELCO. The results of the analyzed business unit in the field work were compared with standardized ratings (acceptable, manageable, critical, or catastrophic), and contrasted against the company’s managers, proving that the OpRSA framework is a reliable and useful management tool for the business, and leading to more research in other sectors where operational risk management is key for the company success.

Download Full-text

Enterprise Risk Management Discloure, Komite Manajemen Risiko Dan Nilai Perusahaan

Syntax Literate ; Jurnal Ilmiah Indonesia ◽

10.36418/syntax-literate.v5i8.1557 ◽

2020 ◽

Vol 5 (8) ◽

pp. 595

Author(s):

Luluul Jannah ◽

Darlin Aulia ◽

Kurnia Indah Sumunar

Keyword(s):

Risk Management ◽

Enterprise Risk Management ◽

Enterprise Risk ◽

Iso 31000

Kepercayaan stakeholder terhadap informasi yang diberikan pada laporan keuangan semakin menurun. Saat ini, stakeholder lebih tertarik pada pengungkapan informasi mengenai risiko. Penelitian ini bertujuan untuk menguji apakah terdapat pengaruh pengungkapan enterprise risk management sebagai variabel moderasi terhadap komite manajemen risiko dan nilai perusahaan. Penelitian ini menggunakan sampel pada 110 perusahaan yang terdaftar di Bursa Efek Indonesia dengan kriteria perusahaan pertambangan pada tahun 2016-2018 dan perusahaan yang mengungkapkan enterprise risk management disclosure pada tahun 2016-2018. Berdasarkan pengukuran enterprise risk management disclosure menggunakan checklist yang dikembangkan berdasarkan ISO 31000: 2009, penelitian ini menemukan bahwa komite manajemen risiko berpengaruh positif signifikan terhadap nilai perusahaan dan enterprise risk management disclosure memperkuat pengaruh komite manajemen risiko terhadap nilai perusahaan. Komite manajemen risiko memberikan sinyal positif kepada stakeholder sehingga asimetri informasi tidak terjadi.

Download Full-text

Enterprise risk management: The maturity model for the ISO 31000 adopters

10.33422/3rd.bmeconf.2021.04.03 ◽

2021 ◽

Author(s):

Franciskus Antonius Alijoyo

Keyword(s):

Risk Management ◽

Enterprise Risk Management ◽

Maturity Model ◽

Enterprise Risk ◽

Iso 31000

Download Full-text

OPERATIONAL RISK MANAGEMENT OF SURABAYA MAIN NAVAL BASE V REPAIR AND MAINTENANCE FACILITY BASED ON ISO 31000 FRAMEWORK

JOURNAL ASRO ◽

10.37875/asro.v10i3.168 ◽

2019 ◽

Vol 10 (3) ◽

pp. 111

Author(s):

Yunus Patabang ◽

Suprayitno Suprayitno ◽

Erpan Sahiri ◽

I Made Jiwa

Keyword(s):

Risk Management ◽

Phase 1 ◽

Armed Forces ◽

Risk Identification ◽

Enterprise Risk Management ◽

Phase 2 ◽

Effective Prevention ◽

Enterprise Risk ◽

Iso 31000 ◽

Naval Base

Surabaya Main Naval Base V Repair and Maintenance Facility is one of the work units under the auspices of the Indonesian Navy that is tasked with carrying out the maintenance and repair of all major weapons systems of the Indonesian Navy. In carrying out their duties Surabaya Main Naval Base V Repair and Maintenance Facility has a big challenge and even there are various kinds of risks to prepare all the Indonesian Armed Forces defense equipment in accordance with the demands of need. Therefore, in this research, risk management will be carried out at the Surabaya Main Naval Base V Repair and Maintenance Facility Operational based on the ISO 31000: 2018 framework. Based on this framework, risk management will be carried out, namely how to carry out risk assessments in the form of risk identification, risk analysis, and risk evaluation for all risks in the operational field. Enterprise Risk Management (ERM) is also used to carry out in-depth risk management processes. One method used to solve existing problems is to use the House of Risk (HOR) method, which is divided into two stages. Stage 1 HOR focuses on ranking the Aggregate Risk Potential (ARP) value and with the help of the Pareto diagram the cumulative ARP value is obtained to determine the risk event (risk agent) selected, which then requires treatment on a priority scale. The results of this HOR phase 1 are then included in HOR phase 2 to rank the most effective prevention measures based on costs and resources. From the results of the HOR phase 2, further brainstorming was carried out with the Surabaya Main Naval Base V Repair and Maintenance Facility in accordance with the actions chosen for preventive actions that could be immediately carried out.Keywords: House of Risk, Enterprise Risk Management, SNI ISO 31000: 2018.

Download Full-text

Enterprise Risk Management (ERM) Practices to Achieve Long Term and Sustainable Organization’s Goals: Case of Institut Teknologi Bandung (ITB)

International Journal of Current Science Research and Review ◽

10.47191/ijcsrr/v4-i12-16 ◽

2021 ◽

Vol 04 (12) ◽

Author(s):

Johan Candra ◽

Keyword(s):

Risk Management ◽

Management Practices ◽

Management Practice ◽

Global Scale ◽

Enterprise Risk Management ◽

Trade Offs ◽

Enterprise Risk ◽

Risk Appetite ◽

Iso 31000

Every choice made in the pursuit of objectives has its risks. From day-to-day operational decisions to the fundamental trade-offs in the boardroom, dealing with uncertainty in these choices is a part of the organizational lives. A strategy is nothing more than a commitment to a set of coherent, mutually reinforcing policies or behaviours aimed at achieving a specific competitive goal. In order to ensure the implementation of efforts and the allocation of resources to achieve strategic goals, top management should conduct integrated risk management practices to all activities/initiatives of the organization’s management, both individually and collectively. Risk management is an intrinsic part of business planning and decision making. No direction is taken without looking at the potential risks and comparing them against the organization’s risk appetite. This paper aims to research in general the practice of enterprise risk management within Institut Teknologi Bandung (ITB) as a well-known and public-state-owned university in Indonesia. This research concludes that the enterprise risk management implementation is not fully implemented yet within ITB as an enterprise. Almost all respondents agree that the implementation of enterprise risk management has a positive and significant influence on the organization’s objectives achievement. Improving university performance overall will require an effective enterprise risk management practice. Author highly recommends ITB to adopt risk management practice based on ISO-31000 standard, and it can be combined with other risk management standards available nowadays if necessary. ITB needs to start the implementation at the soonest as possible, in order to maintain its strategic position as a top university in Indonesia, increase its competitive advantages to compete in the global scale, and at the same time achieving its vision and mission in a long-term and sustainable manner.

Download Full-text

The use ISO 31000:2018 in Indonesian Fintech Lending Companies: What Can We Learn?

Journal of Business and Management Studies ◽

10.32996/jbms.2022.4.1.3 ◽

2022 ◽

Vol 4 (1) ◽

pp. 16-22

Author(s):

Franciskus Antonius Alijoyo

Keyword(s):

Risk Management ◽

Enterprise Risk Management ◽

Analysis Method ◽

Enterprise Risk ◽

Study Results ◽

Interactive Data Analysis ◽

Iso 31000 ◽

Pros And Cons ◽

Interactive Data ◽

A Company

Enterprise risk management (ERM) is significant in running a company. ISO 31000 is one of the ERM types that are familiar. However, there are still pros and cons of ISO 31000. Thus, this study aimed to find out the responses of the Indonesian fintech lending companies managements in implementing ISO 31000. Specifically, this study tried to identify the problems in implementing ISO 31000:2018 to be implemented as ERM. Besides, it also discussed the benefits of the ISO 31000:2018 implementation from the companies' management's perspectives. The data were collected through questionnaires and interviews. The questionnaire results were quantified and interpreted in percentage, while the interview results were analyzed qualitatively using the interactive data analysis method. The study results showed that most of the companies' management believed that they had no significant problems implementing ISO 31000:2018. In addition, they felt that implementing ISO 31000:2018 as ERM gave many benefits in running the companies. The study's findings were discussed by connecting them with the current theories and empirical reviews. However, since the study was done qualitatively, a further study that involves quantitative study to measure the effectiveness of ISO 31000 empirically is needed to support the results of this study.

Download Full-text

Review of Literature on Methodological Approaches of Assessing the Adoption of Enterprise Risk Management Practices

Journal of Scientific Research and Reports ◽

10.9734/jsrr/2020/v26i1130332 ◽

2021 ◽

pp. 21-26

Author(s):

S. P. G. M. Abeyrathna ◽

A. J. M. Priyadarshana ◽

U. D. P. Priyashantha

Keyword(s):

Risk Management ◽

Management Practices ◽

Secondary Data ◽

Enterprise Risk Management ◽

Primary Data ◽

Review Of Literature ◽

Dummy Variables ◽

Enterprise Risk ◽

Iso 31000 ◽

Methodological Approaches

This study intends to examine the previous researches on Enterprise Risk Management (ERM). On examining the previous researches, it is evident that both primary data based (using robust models) and secondary data based (using Dummy variables) approaches adopted by the previous researchers and those are taken into account and have been reviewed in this paper. In here, researchers have identified that most of the recent studies have used robust models in assessing the adoption of ERM practices, while earlier researchers used dummy variables in assessing ERM practices. Here, in some cases, there are some contradictories of results of the studies in two approaches. Based on the recommendations, conclusions of prior research, and the analysis of the available literature, it has been recommended to use robust models like COSO ERM framework, ISO 31000 etc. in case of assessing the adoption of ERM practices in future studies.

Download Full-text

Operational Risk Assessment of an English Academy in Yogyakarta

Jurnal Entrepreneur dan Entrepreneurship ◽

10.37715/jee.v9i2.1442 ◽

2020 ◽

Vol 9 (2) ◽

pp. 5-12

Author(s):

Anastasia Filiana Ismawati

Keyword(s):

Risk Assessment ◽

Risk Management ◽

Data Analysis ◽

Operational Risk ◽

Enterprise Risk Management ◽

Operational Risks ◽

Long Run ◽

Enterprise Risk ◽

Operational Activities

This research was conducted for the risk assessment on the operational activities in order to assist PT. XYZ in managing the operational activities which leads to the goals of the firm. The use of Enterprise Risk Management (ERM) can help the organization to manage the risks holistically using the intergrated methods. This research focused on the risk assessment in PT. XYZ, especially for its operating, and provided a strategy of improvement from the existing risks. The methodology used in this research is a case study with triangulation of sources as the tool to conduct the data analysis. The informants of this research are the Operational Manager of PT. XYZ and five teachers. The data was obtained by conducting interviews and there were six operational risks found which would be best to respond and to manage as soon as possible for minimizing the risks. The result of this research is to hope that PT. XYZ shall be able to manage the risks by using the ERM methodology in order to have the business in the long run and to be successfully competing in the market.

Download Full-text