ISO 31000 Risk Management Process: Establishing Scope, Context, and Criteria
Summary
TLDR: This video discusses risk management processes based on ISO 31000 standards, highlighting how risk management is already a part of daily life. It introduces the structured, systematic, and comprehensive approach to risk management that ISO 31000 offers. The video focuses on setting the scope, context, and risk criteria, using examples such as a single 30-year-old male named Pak Ali and an FMCG company aiming to increase sales by 50% by the end of 2023. It explains internal and external contexts, and how to establish risk criteria for evaluation and decision-making, including consequences, likelihood, control effectiveness, and risk ranking.
Takeaways
- 📚 The video discusses risk management processes based on ISO 31000 standards.
- 🌟 Risk management is a part of everyday life, making the ISO 31000 standard relatable and applicable.
- 🏢 The ISO 31000 standard helps structure, systematize, and make risk management comprehensive.
- 📈 The risk management process includes activities such as scope definition, context and criteria, risk assessment, risk treatment, and reporting.
- 📍 The script focuses on the 'scope definition' part of the risk management process.
- 👤 An example of internal context is given with a character named Pak Ali, providing personal details to illustrate context.
- 🚗 External context examples include distance from home to office and transportation methods like taxis and trains.
- 📈 A company's external context is exemplified with an FMCG company aiming to increase sales by 50% by the end of 2023.
- 🔍 Criteria for risk are established to evaluate the significance of risks and support decision-making processes.
- 📊 Risk criteria can be divided into analysis criteria and evaluation criteria, covering aspects like consequences, likelihood, control effectiveness, and risk ranking.
- 🚦 The criteria help determine risk appetite, tolerance, and priority, which are crucial for managing risks effectively.
Q & A
What is the main topic discussed in the video?
- The main topic discussed in the video is the process of risk management based on ISO 31000.
What does ISO 31000 aim to achieve in risk management?
- ISO 31000 aims to provide a structured, systematic, and comprehensive approach to risk management.
What are the components of the risk management process according to ISO 31000?
- The components include establishing the context and criteria, risk assessment, risk treatment, and reporting.
What is meant by 'establishing the context' in risk management?
- Establishing the context involves understanding the internal and external conditions relevant to the risk management process.
Can you provide an example of internal context mentioned in the video?
- An example of internal context is the condition of Pak Ali, a 30-year-old single male who is less sensitive to noise when asleep and lives alone.
What is an example of external context given in the video?
- An example of external context is the distance between home and office, transportation options like taxis and trains, and road conditions.
What is the role of criteria in risk management?
- Criteria are used to evaluate the significance of risks and support the decision-making process in risk management.
What are the types of criteria mentioned for risk analysis?
- The types of criteria include consequences, likelihood of occurrence, effectiveness of risk controls, and risk ranking.
What does 'consequences' refer to in the context of risk analysis criteria?
- Consequences refer to the impact on revenue, budget, cost, profit, time, and other factors.
How are 'likelihood of occurrence' and 'effectiveness of risk controls' evaluated?
- Likelihood of occurrence is evaluated based on frequency, number of occurrences within a certain time period, or percentage. Effectiveness of risk controls is evaluated based on whether existing controls are effective in design and function to prevent or mitigate risk impacts.
What is the purpose of risk ranking criteria?
- Risk ranking criteria combine consequences and likelihood of occurrence to understand the risk's impact on achieving objectives.
What are the elements of risk evaluation criteria?
- Risk evaluation criteria include risk appetite, risk tolerance, and risk priority.
How are risk appetite and risk tolerance used in decision-making?
- Risk appetite refers to the amount and type of risk an organization is willing to pursue or retain, while risk tolerance is the degree to which variability in the achievement of objectives is acceptable.
Outlines
📈 Introduction to Risk Management Process
This paragraph introduces the concept of risk management as per ISO 31000 standards and its application in everyday life. It emphasizes that risk management is not a daunting task but a part of daily activities. ISO 31000 is presented as a standard that helps structure, systematize, and make risk management comprehensive. The paragraph outlines the risk management process, which includes activities such as defining the scope, context, and criteria for communication and consultation, risk assessment, risk treatment, and reporting. An example is given to illustrate the process of defining the scope and context for risk management, using a personal scenario involving a man named Pak Ali who is 30 years old, single, and lives alone. The internal context includes his health and sensitivity to noise, while the external context includes the distance between his house and office, transportation options, and road conditions. Another example is provided for an organization, such as an FMCG company aiming to increase sales by 50% by the end of 2023, with its scope encompassing product, marketing, and innovation divisions. The internal context here includes employees and executives, while the external context involves consumers, raw material suppliers, distributors, competitors, regulators, and non-profit organizations. The paragraph also discusses the criteria for risk assessment, which should be flexible, aligned with organizational goals and resources, and consistent with risk management policies. The criteria for risk analysis include consequences, likelihood of occurrence, effectiveness of risk controls, and the criteria for evaluating risk, which combines the impact and probability of occurrence to understand the risk's influence on achieving objectives.
🔍 Continuation of Risk Management Process
This paragraph serves as a teaser for the continuation of the risk management process in subsequent videos. It mentions that the upcoming video will cover the rest of the risk management process, indicating that this is part of a series. The paragraph ends with a musical cue, signaling the end of this segment and anticipation for the next installment.
Keywords
💡ISO 31000
💡Risk Management
💡Scope
💡Context
💡Risk Criteria
💡Consequence
💡Likelihood
💡Control Effectiveness
💡Risk Appetite
💡Risk Tolerance
Highlights
Introduction to risk management process based on ISO 31000.
Risk management is a part of daily life, making it relatable and less daunting.
ISO 31000 serves as a standard to structure, systematize, and make risk management comprehensive.
Risk management process includes defining scope, context, and criteria.
Explanation of internal context with an example of a single male named Pak Ali.
External context factors such as distance to work and transportation methods are discussed.
Example of a company's internal context includes employees and executives.
External context for a company might involve consumers, suppliers, distributors, competitors, regulators, and non-profit organizations.
Risk criteria are established to evaluate the significance of risks and support decision-making.
Criteria for risk analysis include consequences, likelihood, effectiveness of risk controls, and risk ranking.
Risk evaluation criteria consist of risk tolerance, appetite, and priority.
High-level risks require immediate control actions and cannot be tolerated.
Tolerable risks need to be reassessed and their treatment reconsidered.
The criteria will serve as a basis for setting risk evaluation criteria for determining risk appetite and tolerance limits.
The video will continue to discuss other processes of risk management in subsequent episodes.
Encouragement to watch the next video for further exploration of risk management processes.
Transcripts
[Music]

Hello, CRMS friends. In this video we discuss the risk management process based on ISO 31000, along with a simple example. Did you know that you actually already practice risk management in your daily life? So we need not feel burdened by risk management.

ISO 31000 is a standard that can serve as a reference so that the implementation of risk management becomes more structured, systematic, and comprehensive. The risk management process based on ISO 31000 consists of the activities of establishing scope, context, and criteria; communication and consultation; risk assessment; [...] monitoring and review; and recording and reporting.

This time we will discuss the part of the risk management process on establishing scope, context, and criteria. Establishing scope, context, and criteria describes the conditions for tailoring the risk management process [...] to the office before [...] in the morning. So the internal context is: Pak Ali, male, 30 years old, single, healthy, not very sensitive to sound once asleep, and living alone at home. The external context is as follows: the distance between home and office, transportation to the office such as taxi and train, and road conditions.

Another example, in an organization: suppose an FMCG (fast-moving consumer goods) company has the objective of increasing sales by 50% by the end of 2023. Then its scope is the product, marketing, and innovation divisions. Internal context: the company's employees and executives. External context: consumers, raw material suppliers, distributors, competitors, regulators, and non-profit organizations.

Risk criteria. Risk criteria are set to evaluate the significance of risk and to support the decision-making process. Risk criteria should reflect the values, objectives, and resources of the organization and be consistent with policies and statements about risk management. Risk criteria can be divided into risk analysis criteria and risk evaluation criteria.

Risk analysis criteria consist of: consequence criteria, for example consequences for revenue, budget, cost, profit, time, and others; likelihood criteria, for example identified based on frequency, the number of occurrences within a certain period, or its percentage; risk control effectiveness criteria, for example by assessing whether existing controls are still effective in terms of both design and function in preventing or mitigating risk impacts; and risk ranking criteria. Risk ranking criteria are a method for combining consequence and likelihood to determine the degree of influence of the risk on the achievement of objectives.

Risk evaluation criteria consist of risk tolerance, appetite, and priority. Once these criteria are set, they become the basis for establishing risk evaluation criteria to determine the limits of risk appetite, tolerance, and priority. For example, for a very high risk, the risk appetite is "unacceptable and requires control, especially responsive action"; the risk tolerance is "cannot be tolerated, and the risk treatment needs to be reviewed".

That was the definition and example of the risk management process of establishing scope, context, and criteria. Look forward to the next video, which will discuss the other risk management processes. See you in the next video.

[Music]