ENTERPRISE RISK MANAGEMENT ANALYSIS OF GROUP XYZ BASED ON ISO 31000:2018 FRAMEWORK
XYZ Group is a business unit of 5 CVs worked on providing construction and procurement services. The company was founded in 2007 and located in Blitar, East Java. In 2018, the company experienced a change of leadership. In the face of this change, several strategies by the company are restructuring...
Saved in:
| Main Author: | |
|---|---|
| Format: | Final Project |
| Language: | Indonesia |
| Online Access: | https://digilib.itb.ac.id/gdl/view/64438 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Institut Teknologi Bandung |
| Language: | Indonesia |
| Summary: | XYZ Group is a business unit of 5 CVs worked on providing construction and procurement services. The company was founded in 2007 and located in Blitar, East Java. In 2018, the company experienced a change of leadership. In the face of this change, several strategies by the company are restructuring by reducing the number of CVs under the auspices of previously 9 CVs to 5 CVs and focusing more on procurement projects. Even though the strategy has been carried out in order to deal with changes, the XYZ Group still experiences the same problems as when the company was under the previous leadership. XYZ Group did not get the results expected by the company. In carrying out the project, the company faces various uncertainties that result in 10 projects being worked on, 4 projects resulting in losses. This indicates the absence of good risk management in the XYZ Group. To find out the uncertainties that occur in the XYZ Group, an enterprise risk management analysis is carried out in the XYZ Group.
Risk analysis is carried out based on the ISO 31000:2018 framework with ISO 31010:2019 as a guide for implementation and techniques in using the framework. In the risk analysis process, the identified risks are divided into 3 based on relationships including risks related to construction, risks related to procurement, and general company risks.
From the analysis that has been done, there are 29 risks identified categorized into 3 types of risk including operating risk, market risk, and other risks. There are 4 sub-types of operating risk including process, human, legal, and external events. While on market risk, there are 1 sub-types identified, namely risk of changes in commodity values. In other risks, there are 2 sub-types, namely financial and reputation risk. From the assessment of the likelihood and consequence level, there are 1 risk including extreme category, 9 including high category, 3 including moderate category, and 16 including low category. For the medium, high, and extreme categories mitigation measures are needed for some risks in order to reduce the likelihood and impact of those risks.
|
|---|