ENTERPRISE RISK MANAGEMENT
Indonesia Clearing and Guarantee Corporation is committed to improving its capabilities as a Central Counterparty (CCP) having international standards, one of them by implementing the Good Corporate Governance (GCG) principles in the form of the risk management application in every company’s activity in order to mitigate or reduce the risk to be as small as possible so the company can achieve optimal results.
Risk Management in KPEI is implemented based on Three Lines of Defense approach, which consists of a component or business functions (Risk Owner), ERM (Enterprise Risk Management) and SPI (Internal Audit Unit). As a second line of defense, KPEI ERM is developed based on SNI : ISO 31000 risk management standard, which consists of risk management principles, risk management framework and risk management processes. According to ISO: ISO 31000, risk is the impact of uncertainties for the achievement of the organization’s objectives, while the definition of risk management is the coordinated activities undertaken in order to manage and control an organization with regard to the risks it faces. On the definitions that have been described we can see that Corporate Risk Management or Enterprise Risk Management (ERM) system is implemented to manage and control the risk of the company's business where corporate goals are expected to be achieved.
KPEI ERM system is arranged based on the principles, framework and process of interrelated ERM and in accordance with SNI : ISO 31000 for ERM. The risk management principles functions as a cornerstone paradigm in implementing risk management frameworks and processes. ERM work stages consist of firstly context determination, secondly risk assessment which consists of risk identification, risk analysis and risk evaluation. Risk evaluation is carried out by determining the acceptable level of risk based on the company’s risk appetite and risk tolerance. The third stage is the risks handling by performing planning and determining priorities for the risk management implementation. All the stages or processes are done through communication and consultation with Risk Owner and monitoring and review by ERM where these processes will then produce KPEI's corporate risk profile.
BUSINESS CONTINUITY MANAGEMENT