Risk Guidelines, Risk Structure, and Risk Assessment of PT XYZ for 2022-2023
DOI:
https://doi.org/10.34149/jebmes.v2i2.77
Keywords:
Risk, Risk Management, Enterprise Risk Management, Risk Assessment, ISO 31000:2018
Abstract
PT XYZ is a multinational professional services company specializing in business management, information technology, and outsourcing. Its implementation of risk management is considered less than optimal, as marked by the absence of a risk management role in the organization structure. Its risk management guidelines do not follow ‘best practice’, and risks often occur in the internal and external environment, indicating that a risk assessment is necessary to reduce the impact of the risks that arise. This qualitative research aims to determine the guidelines, structure, and risk assessment of PT XYZ. The study identifies 21 corporate risks across four categories: strategic risk, financial risk, operational risk, and externality risk. They are rated as four very high risks, eight high risks, four moderate risks, three low risks, and two very low risks. Based on the proposed risk treatment, PT XYZ can treat risk in two ways: risk reduction and risk acceptance. The risk treatment can be carried out as soon as possible to avoid and minimize the risks that may occur.
License and Copyright Agreement
In submitting the manuscript to the journal, the authors certify that:
- They are authorized by their co-authors to enter into these arrangements.
- The work described has not been formally published before, except in the form of an abstract or as part of a published lecture, review, thesis, or overlay journal.
- The work is not under consideration for publication elsewhere.
- Its publication has been approved by all the author(s) and, tacitly or explicitly, by the responsible authorities of the institutes where the work has been carried out.
- They secure the right to reproduce any material that has already been published or copyrighted elsewhere.
- They agree to the following license and copyright agreement.