System and Infrastructure of Risk Management of the Company
The Company continues to deliver benefit as much as possible to the shareholders and stakeholders. Nevertheless, while doing business, there are uncertainties that come from internal and external environment, which have an effect on the achievement of the company’s goals. These uncertainties are getting serious as business climate changes rapidly and get more complex. These are business risks that are unavoidable and have to be managed through a mechanism called “risk management”. A company which is able to manage risks well is considered having good sense of sensitivity to detect risks, having the flexibility to respond to risk and ensure the capability of its resources to take action in order to mitigate the level of risk. Whereas those that cannot control risk well will waste a large amount of time and money and risk itself to achieve the company’s goal.
The implementation of risk management at PT WIKA Beton Tbk is in accordance with the Decree of the Minister of State Owned Enterprise Number: PER-09/MBU/2012 concerning the Implementation of Good Corporate Governance Practice at SOE and to implement Risk Management using SNI Framework of ISO 31000:2011 (hereinafter referered to as ISO 31000).
In order to develop risk management practice, PT WIKA Beton Tbk has periodically and sustainably developed and increased the risk management system framework and an integrated and comprehensive control structure, which can provide information about the risk potential that can affect the company’s outcome earlier. This is done to be able to take proper action to minimize the risks.
In order to be able to manage potential risks, the Head Office and work unit/subsidiary of PT WIKA Beton Tbk enforces a program on the implementation of risk management, which includes:
- Detecting/identifying risks as early as possible in every activity that relates to the existing line of business in the environment of PT WIKA Beton Tbk.
- Measuring the level/amount of risks by calculating the impact and potential of risk occurrence.
- Performing analysis and evaluation on risk sources and the cause of the risk as a basis to map and control significant risks.
- Developing controlling strategy plan on high risk or top- priority risks.
- Implementing controlling strategy on risks that can damage the sustainability of the business.
- Continuously performing communication, consulting, review, and monitoring of risks, especially those having a quite significant impact on the condition of the company.
The above Risk Management process can be described in the picture below:
Roadmap of the Company’s risk management implementation is developed based on the level of maturity and preparedness of both the company and its existing human resources in implementing risk management. The roadmap of risk management implementation of the Company is reviewed and evaluated periodically by the Risk Management unit at the Head Office.
The level of maturity of the risk management implementation of PT WIKA Beton Tbk in 2015, which has been analyzed using framework of ISO 31000 is 3 (from the scale of 1-4).
The Company continues to instill risk awareness culture to all employees of the Company by providing proper understanding on the factors related to the daily work or function. In various evaluation meeting, from the lowest level to the Board of Directors level, risk potential that can damage the final outcome of business is discussed.
The Company continues to increase the competency of employee in every risk management field through internal training, seminar, and risk management discussion group, which is expected able to improve the understanding on the awareness of the risk management.
Evaluation on the Effectiveness of Risk Management System
The Company has periodically evaluated the effectiveness of risk management system of the Company by doing risk- based internal audit by SPI, internal audit by Internal Team, and assessment by the consultant.
Internal Audit of SPI
Internal audit conducted by the company’s organ, namely SPI, is risk-based audit. Audit object and audit focus are prioritized based on risks, from the biggest
to the smallest risks. Following audit process, the most significant activities of the Company will be reported to the Board of Directors to prepare steps of improvement and anticipatory measures.
Internal Audit is performed every semester in all work units, the Board of Directors is no exception. It is performed by internal team of the Company that has been provided with knowledge of how to do its job. IA comprises audit of ISO Management, Equipment Management, SMK3 and Risk Management implementation. Furthermore, IA’s findings have to be improved by related Work Unit that is stated in Preventive Action Plan which is also monitored during its implementation. Audit findings are reported to the Board of Directors, the findings include evaluation on the performance of each work unit.
Assessment by Independent Consultant
The Company periodically conducts measurement level of risk management implementation by independent risk management consultant. Assessment object is the whole instruments of the Company, from the Board of Directors to the management level in the field. Assessment results provide estimation of achievement level of risk management practices that can be compared with previous periods. They can also provide suggestions for achievement increase in the next stage. The three ways of evaluation can provide assurance and certainty to the Company and stakeholders to guarantee the sustainability of the developing business.
The Company’s Risk Category
General description on the company’s risks, as well as the mitigation plan and the existing control in 2015 is as stated in the Corporate KPI that has been determined as the parameter of target achievement. The risk will be varied or unique, and its management pattern will also be more specific. The category of risk posed to the company is as follows: