Understanding the Concept of Risk Management for Companies
Views
Download
Share With Friends
Behind the concept of legal risk management, there is a concept of risk management. Stin Claessens (in Isharyanto et al., 2020: 59) described the risk management as a way to ascertain the uncertainty of plans in the future and all possibilities that will happen.
Then, Claessens explained in detail that a company or an organization will identify existing risks, how those risks may affect their long-term plans, and how to insure them. Risk management is intended to create a certainty of plans by avoiding fluctuations that can possibly occur.
In relation to the risk management, Ferry N. Idroes (in Isharyanto et al., 2020: 60) explained that in a corporation, the risk management is needed to support the achievement of company goals. The risk management makes it possible to create much more opportunities with low fatalities, and solutions which are suitable to the existing risks.
As explained by Hinsa Siagian (in Isharyanto et al., 2020: 60), there are two categories of risk management objectives, namely preventing risks before losses occur or the pre-loss objective and after losses have occurred or the post-loss objective.
The risk management performed before losses occur or the pre-loss objective has several purposes, one of which is the economic purpose namely to prepare the company for incurring potential losses in the most economical way. A method that can be done is to reduce any outdatedness and to meet the standard of internal obligations.
The risk management performed after losses have occurred or the post-loss objective is intended to support the sustainability of the company. The emphasis is on how to mitigate risks after losses have occurred, how a company can operate for at least a predetermined period, and how the company can continue to operate and meet customers’ needs.
In Indonesia, there are common approaches for the risk management, namely the Enterprise Risk Management (ERM) as introduced by COSO and the risk management set forth in ISO 31000. Isharyanto et al explained that the ISO 31000 risk management may encourage companies to manage risks in a proactive manner, facilitate a level of accountability in decision making processes, and take the opportunity and benefits from its implementation.
Furthermore, the risk management must be implemented pursuant to predetermined principles and guidelines. This is intended to ensure effectiveness in the successful implementation of the risk management by the company. As regards the ISO 31000, its process is adapted from the AS/NZS 4360: 2004, with the following process of risk management.
- Establishing the context
- Risk assessment
- Risk treatment
- Monitoring and review
- Communication and consultation
The five processes can be carried out in a sequential or irregular order. This is because risk management tends to be very flexible. Its process must also be implemented in consideration of any applicable cultures and values.
Legal Risk Management
The scope of risk management, including the legal risk management, has expanded. To help companies in the legal risk management, the Regulatory Compliance System (RCS) was introduced. The RCS has various functions, including as follows:
- The RCS streamlines the audit process and minimize risks from audits;
- The RCS prevents companies from missing certain legal obligations;
- The RCS is a solution for companies to monitor their legal compliance that is based on the Artificial Intelligence and it is run in a comprehensive manner.
The function of the Regulatory Compliance System is to address legal challenges encountered by each company. Get the best solution from RCS Hukumonline right now!