Home >Documents >pengurusan risiko organisasi

pengurusan risiko organisasi

Date post:19-Oct-2015
Category:
View:61 times
Download:1 times
Share this document with a friend
Transcript:
  • TitlePENGURUSAN RISIKO ORGANISASI

    Kursus

    Pengurusan Risiko Organisasi (ERM)

    3 4 Ogos 2011

    Universiti Teknologi Malaysia

  • Risk: the chance of something happening that may have an impact on the achievement of objectives, measured in terms of consequences and likelihoodcombined to arrive at a risk rating from Low to Very High

    Risk management: the culture, processes and structures that are directed towards realising potential opportunities whilst managing adverse effects

    Konsep Risiko & Pengurusan Risiko

  • Pengurusan Risiko - ERM

    a process, effected by an entity's board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risks to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives.

  • Pengurusan Risiko - ERM

    A risk is defined by the Australia/New Zealand Standard for Risk Management (AS/NZS 4360:2004) as the possibility of something happening that impacts on your objectives. It is the chance to either make a gain or a loss. It is measured in terms of likelihood and consequence.

  • Kepentingan Pengurusan Risiko

    Governance

    Control

    Assurance

    Competition

    Rating

    Culture of Excellence

    Recognition

  • Mengapa ERM?

    Underlying principles:

    Every entity, whether for-profit or not, exists to realize value for its stakeholders.

    Value is created, preserved, or eroded by management decisions in all activities, from setting strategy to operating the enterprise day-to-day.

  • Mengapa ERM?

    ERM supports value creation by enabling management to:

    Deal effectively with potential future events that create uncertainty

    Respond in a manner that reduces the likelihood of downside outcomes and increases the upside.

  • Faedah ERM

    will safeguard organization's interests and ensure the best use of resources.

    a central element of good corporate governance

    as a tool to assist in strategic and operational planning

    has many potential benefits in the context of the changing operating environment

  • ERM yang Efektif

    Support from the Top is a Necessity

    Build ERM Using Incremental Steps

    Focus Initially on a Small Number of Top Risks

    Leverage Existing Resources

    Build on Existing Risk Management Activities

    Embed ERM into the Business Fabric of the Organization

    Provide Ongoing ERM Updates and Continuing Education for Directors and Senior Management

  • Rangka Kerja Pengurusan Risiko

    ERM

    ISO 31000

    AS/NZS 4360:2004

    KPMG

    Pendekatan SQRG

  • Rangka Kerja Pengurusan Risiko - ERM

    Entity objectives can be

    viewed in the context of four

    categories:

    Strategic

    Operations

    Reporting

    Compliance

  • Rangka Kerja Pengurusan Risiko - ERM

    ERM considers activities at all levels

    of the organization:

    Enterprise-level

    Division or

    subsidiary

    Business unit

    processes

  • Rangka Kerja Pengurusan Risiko - ERM

    The eight components of the framework

    are interrelated

    Internal Environment

    Objective setting

    Event Identification

    Risk Assessment

    Risk Response

    Control Activities

    Information & Communication

    Monitoring

  • Rangka Kerja Pengurusan Risiko ISO 31000; Risk Management

    5.2 Mandate and

    Commitment

    5.3 Designing the

    Framework

    5.4 Implementing Risk

    Management

    5.5 Monitoring and

    Reviewing the

    Framework

    5.6 Continual

    Improvement of the

    Framework

    6. Risk Mgmt.

    Process

  • Rangka Kerja Pengurusan Risiko AS/NZS 4360:2004

  • Rangka Kerja Pengurusan Risiko - KPMG

  • BSC/Pelan StrategikPengurusan Risiko

    Entiti

    Strategi & Governan PR

    Fasa 1: Perancangan

    Fasa 4: Pemantauan,

    Penilaian &

    Pelaporan

    Pemantauan &

    Penambahbaikan

    Proses & Implementasi

    Fasa 2: Penilaian & Analisis

    Fasa 3: Integrasi

    Rangka kerja Pengurusan Risiko SQRG

  • Rangka kerja Pengurusan Risiko

    Rangka kerja Deskripsi

    Strategi & Governan

    PR

    Menentukan strategi dan governan untuk pelaksanaan

    pengurusan risiko yang menyeluruh, bersepadu, berkesan

    secara berterusan

    Perancangan

    Menentukan dan membuat persediaan pelaksanaan dan

    konteks pengurusan risiko secara berterusan merentasi

    seluruh entiti, PTJ dan proses bisnes

    Penilaian & Analisis

    Mengklasifikasi risiko, menilai, mengukur dan menganalisis

    risiko yang menghasilkan profil risiko utama mengikut

    keutamaan entiti, PTJ dan proses bisnes

    Integrasi

    Menentukan respon, aktiviti kawalan risiko, risk measures serta maklumat risiko dan komunikasi berterusan untuk

    pelaksanaan efektif pengurusan risiko

    Pemantauan,

    Penilaian &

    Pelaporan

    Pemantauan, pengumpulan data, penilaian keatas risk measures, pelaporan dan penambahbaikan pengurusan risiko

  • Rangka kerja Pengurusan Risiko

    BSC/Pelan Strategik/PBPengurusan

    Risiko Entiti

    Strategi & Governan PR

    F1: Perancangan

    F4: Pemantauan,

    Penilaian & Pelaporan

    Pemantauan &

    Penambahbaikan

    Proses &

    Implementasi

    F2: Penilaian & Analisis

    F3: Integrasi

    Governan Polisi Struktur ERM Perjawatan Strategi & Objektif

    Entiti PTJ Proses bisnes Kesedaran & Kesediaan Mandat & komitmen Konteks risiko

    Identifikasi, ownership & Pendaftaran

    Analisis risiko Penilaian, Prioritization &

    Profil risiko

    Pemantauan proses, PTJdan Entiti

    Data & penilaian Pelaporan Penambahbaikan

    Respon Aktiviti Kawalan Roll-out & komunikasi

  • Proses Pengurusan Risiko

    F1: Perancangan

    F4: Pemantauan,

    Penilaian & Pelaporan

    F2: Penilaian & Analisis

    F3: Integrasi

    Konteks risiko

    Identifikasi, ownership & Pendaftaran

    Analisis risiko Penilaian, Prioritization &

    Profil risiko

    Pemantauan proses, PTJdan Entiti

    Data & penilaian Pelaporan Penambahbaikan

    Respon Aktiviti Kawalan Roll-out & komunikasi

  • Entiti - UTM

    Fasa 1: Perancangan

    PTJ - PBUTM

    Proses Bisnes Perolehan

    Menentukan dan

    membuat persediaan

    pelaksanaan

    pengurusan risiko

    secara berterusan

    merentasi seluruh

    entiti, PTJ dan proses

    bisnes

  • Fasa 1: Perancangan

    Mandat & Komitmen

    1. Lantikan

    2. Komitmen masa

    3. Sokongan sumber

    Kesediaan

    1. Konsultan/IR

    2. Staf

    3. Info Rujuk ice-breaking session

    Kesedaran

    1. Kursus

    2. Pengetahuan

    3. Pengiktirafan

  • Fasa 1: Perancangan

    Kriteria dan

    struktur analisis

    risiko ditentukan

    Membangunkan konteks

    1. Konteks risiko

    2. Kriteria risiko

    Membuat validasi

    objektif, projek,

    kaitan organisasi &

    persekitaran yang

    menentukan skop

    dan proses

    pengurusan risiko

    dilaksana What is at RISK?

    Rujuk Aktiviti Bengkel 1

  • Fasa 2: Penilaian & Analisis

    Menentu, mengklasifikasi

    risiko, menilai, mengukur

    dan menganalisis risiko

    yang menghasilkan profil

    risiko mengikut

    keutamaan entiti, PTJ

    dan proses bisnesFaktor-

    faktor

    Luaran

    Faktor dalaman

    Risiko!!!!!

    Menjejaskan

    pencapaian objektif

    Mencapai potensi

    peluang

  • Fasa 2: Penilaian & Analisis

    Identifikasi Risiko & Event

    Berdasarkan proses bisnes (operasi) Berdasarkan risiko tipikal di pasaran Audit dan hasilnya Penglibatan dan pengalaman Perkara baru sistem, proses, model dll Berdasarkan projek/keputusan Berdasarkan external events

    Proses menentukan risiko yang terlibat dengan sesuatuproses bisnes/ perkhidmatan/projek/events

    Rujuk Aktiviti Bengkel 2

  • Fasa 2: Penilaian & Analisis

    Identifikasi Risiko & Event

    Bilangan kejadian (Lebih banyak, lebih tinggirisiko)

    Tahap impak - Kewangan (Tinggi RM) , Reputasi(Imej terjejas teruk) , Operasi (lumpuh) dll

    Keutamaan kepada risiko tinggi

  • Fasa 1: Perancangan

    Proses Bisnes Perolehan Fungsi Proses bisnes Sub-proses Aktiviti Produk/perkhidmatan

    Bagaimana ia boleh menjejaskan

    pencapaian objektif?

    Rujuk Aktiviti Bengkel 2

  • Fasa 2: Penilaian & Analisis

    Identifikasi Risiko & Event

    Klasifikasi Risiko COSO (Risk Model)

    Environmental Risks Capital Availability Regulatory, Political, and Legal Financial Markets and

    Shareholder Relations

    Process Risks Operations Risk Empowerment Risk Information Processing /

    Technology Risk Integrity Risk Financial Risk

    Information for Decision Making Operational Risk Financial Risk Strategic Risk

  • Fasa 2: Penilaian & Analisis

    Identifikasi Risiko & Event Klasifikasi Risiko

    Operasi (termasuk pematuhan & pelaporan) Liputan meliputi semua fungsi mengikut proses risiko

    Kewangan Reputasi (termasuk integriti) Teknologi Hazards/ Fizikal Pasaran Bisnes Strategi

  • Fasa 2: Penilaian & Analisis

    Ownership & PendaftaranOwn

Embed Size (px)
Recommended