7 Reviu, Pemantauan dan Pelaporan Manajemen Risiko

ittama_bpom

4 Mar 202109:35

Summary

TLDRThis video covers the comprehensive process of risk review, monitoring, and reporting in an organization. It explains the objectives of these processes, which include continuous oversight of high-risk exposures, ensuring effective risk control, and obtaining up-to-date information on risk handling. The video outlines the two phases—risk review and risk monitoring—and discusses the tools and methods used in these phases, such as evaluations, inspections, and surveys. It concludes with the importance of regular reporting at various organizational levels to ensure effective risk management and compliance.

Takeaways

😀 Review and monitoring of risk management are critical for organizations to ensure risks remain within acceptable limits and are mitigated effectively.
😀 The objective of risk review and monitoring is to provide continuous oversight, ensure compliance with the risk tolerance, and improve the risk management process.
😀 Regular reviews (at least every six months) are necessary to update risk registers and assess whether existing risk treatments remain valid or need adjustment.
😀 Monitoring activities are conducted by internal auditors and quality management systems to track the effectiveness of risk mitigation actions and compliance with control measures.
😀 The review phase involves collaboration between risk owners and management teams to identify and address the most critical risks affecting their units.
😀 The monitoring phase tracks progress on risk mitigation plans, ensuring corrective actions are taken in a timely manner and identifying any potential risks not yet addressed.
😀 Various media tools are used for both review and monitoring, including site visits, inspections, surveys, interviews, and meeting notes, to gather accurate and actionable data.
😀 Review and monitoring help organizations identify new risks, assess changes in existing risks, and adjust risk management strategies accordingly.
😀 Reports on risk management should be created at multiple levels within the organization, from unit-level reports to consolidated organization-wide reports, to ensure transparency and alignment.
😀 The final reports on risk management at all levels should provide insights into the effectiveness of risk treatments, areas for improvement, and compliance with regulatory requirements.
😀 The outcome of effective risk review and monitoring includes improved business processes, stronger internal controls, enhanced stakeholder value, and better overall risk management performance.

Q & A

What is the main purpose of reviewing and monitoring risk management according to the script?
-The main purpose of reviewing and monitoring risk management is to ensure that the organization is managing risks effectively and in line with its tolerance levels. This includes ongoing oversight, quality assurance, and adjustments as necessary to address new or evolving risks.
What are the four goals of risk review and monitoring mentioned in the script?
-The four goals are: 1) continuous oversight of the organization’s high-risk exposures, 2) ensuring the risk control and mitigation processes are on track, 3) quality assurance of the risk management process, and 4) obtaining current information on risk status and handling within the organization.
Who is responsible for conducting the risk review and monitoring processes?
-The responsibility for conducting risk review and monitoring lies with the risk owner, risk management team, internal auditors, and the main inspectorate, with oversight from the Head of the unit and senior leadership.
How often is the risk review process conducted?
-The risk review process is conducted at least once every six months, with special reviews potentially occurring outside the regular schedule if significant changes in conditions lead to changes in risk.
What is the role of internal auditors in the risk management process?
-Internal auditors monitor the risk profile and ensure that the risk response measures set by management are adequate and that corrective actions are implemented on time.
What are the two main phases in the risk management process as described in the script?
-The two main phases are: 1) Risk Review, where risks are evaluated periodically, and 2) Risk Monitoring, where risks are tracked and managed continuously to ensure effectiveness and timely responses.
What types of media and methods can be used for risk review and monitoring?
-For risk review, methods include work plan evaluations, reports, field inspections, surveys, meeting minutes, and discussions. For risk monitoring, methods include field visits, physical inspections, surveys, interviews, and review of meeting communications.
What are the expected benefits of risk review and monitoring?
-The benefits include obtaining relevant and up-to-date information on risk management, discovering new risks, improving business processes, adjusting risk tolerance or budgets, enhancing organizational compliance, and ensuring effective internal controls.
What information is typically included in the risk monitoring report?
-The monitoring report includes the mitigation plan with timelines, progress on previous mitigation efforts, and an assessment of the effectiveness of internal controls. It also highlights any weaknesses found and recommendations for improvement.
How is the risk management reporting process structured?
-Risk management reporting is structured in three levels: 1) Risk management reports from the unit owners, 2) Reports from the primary unit owners, and 3) Reports consolidated by the central agency and submitted to the Head of the organization.