MOHAMAD HASSAN AK., MAFIS, QIA, CRMP, CRMA
RISK MANAGEMENT PROCESS
RISK IDENTIFICATION
RISK MEASUREMENT
RISK MITIGATION / CONTROL
RISK MONITORING RISK
MGT
PROCESS
THE RISK MANAGEMENT PROCESS
The Risk
Management
Process
Identify &
Assess Risks
Document Risk
Acceptance Decision
Acceptable
Organizational
Objectives
Identify Current
Control s
No
Yes
Action
Identify & Assess
Residual Risks
Objectives harus ‘SMART’:
S pecific
M easurable
A ttainable
R ealistic
T imeframe
Exposure analysis
Asset (Aktiva)
Environmental analysis
Lingkungan usaha
Threat Scenario
Ancaman terhadap proses
bisnis
Brainstorming questions
Financial Assets: Cash, Securities, Credit Physical Assets: Land, Building,
Equipment Human Assets: Knowledge, Skills Intangible Assets: Reputation,
Information
Exposure analysis
Physical
Economic
Regulation
Competition
Customers
Suppliers
Union
Technology
Threat:
Theft
Fraud
Disaster
Errors
Omissions
Delays
Scenario:
Penjelasan aset
Jenis ancaman
Konsekuensi
Bagaimana terjadinya
Definisi Risiko :
Kemungkinan suatu “event” atau “circumstance” pada suatu “operasional set-up” tertentu akan menjadi hambatan bagi pencapaian tujuan organisasi.
Tiga unsur risiko:
1.) “Event” dan “Circumstances”
Jenis Risiko
2.) “Operational Set-up” Internal
External
3.) Hambatan pencapaian tujuan
Konsekuensi
Penyebab
Insufficient training
CAUSES EVENTS CONSEQUENCES
Lack of management
supervision
Inadequate
auditing procedures
Inadequate security
measures
Poor HR
policies
Poor systems
design
Inadequate
segregation of duties
External
Fraud
Employment Practices
& Workplace Safety
Clients, Products
& Business Practices
Damage to
Physical Assets
Business Disruption
& System Failures
Execution, Delivery &
Process Management
Internal
Fraud Regulatory, Compliance
& Taxation Penalties
Restitution
Loss of Recourse
Reputation
Business Interruption
EFFECTS
Monetary
Losses
OTHER
IMPACTS
Forgone
Income
•
•
•
Write-down
Loss or Damage
to Assets
Legal Liability