Skip to main content


System and Infrastructure  of Risk Management of the Company

The Company continues  to deliver benefit as much as possible to the shareholders and stakeholders. Nevertheless, while doing business, there are uncertainties that come from internal and external environment, which have an effect on the achievement of the company’s goals. These uncertainties are getting  serious as business climate changes rapidly and get more complex. These are business risks that  are unavoidable  and have to be managed through a mechanism  called “risk management”. A company which is able to manage risks well is considered  having good sense of sensitivity to detect  risks, having the flexibility to respond  to risk and ensure the capability of its resources  to take action in order to mitigate the level of risk. Whereas those that cannot  control risk well will waste a large amount of time and money and risk itself to achieve the company’s goal.

The implementation of risk management at PT WIKA Beton Tbk is in accordance with the Decree of the Minister of State Owned Enterprise Number: PER-09/MBU/2012 concerning  the Implementation of Good Corporate Governance Practice at SOE and to implement Risk Management using SNI Framework of ISO 31000:2011 (hereinafter  referered to as ISO 31000).

In order to develop risk management practice, PT WIKA Beton Tbk has periodically and sustainably developed  and increased  the risk management system framework  and an integrated and comprehensive control structure,  which can provide information  about  the risk potential  that  can affect the company’s outcome earlier. This is done to be able to take proper action to minimize the risks.

In order to be able to manage potential  risks, the Head Office and work unit/subsidiary of PT WIKA Beton Tbk enforces a program  on the implementation of risk management, which includes:

  1. Detecting/identifying risks as early as possible in every activity that  relates to the existing line of business in the environment of PT WIKA Beton Tbk.
  2. Measuring the level/amount  of risks by calculating the impact and potential  of risk occurrence.
  3. Performing analysis and evaluation on risk sources and the cause of the risk as a basis to map and control significant risks.
  4. Developing controlling strategy plan on high risk or top- priority risks.
  5. Implementing  controlling strategy on risks that  can damage the sustainability of the business.
  6. Continuously performing  communication, consulting, review, and monitoring  of risks, especially those having a quite significant impact on the condition  of the company.

The above Risk Management process can be described in the picture below:

Risk Management Process


Roadmap of the Company’s risk management implementation is developed  based on the level of maturity and preparedness of both the company and its existing human  resources  in implementing risk management. The roadmap of risk management implementation of the Company is reviewed and evaluated  periodically by the Risk Management unit at the Head Office.

The level of maturity of the risk management implementation of PT WIKA Beton Tbk in 2015,  which has been analyzed using framework  of ISO 31000  is 3 (from the scale of 1-4).

The level of maturity of the risk management implementation


The Company continues  to instill risk awareness culture to all employees of the Company by providing proper understanding on the factors related to the daily work or function.  In various evaluation meeting,  from the lowest level to the Board of Directors level, risk potential  that  can damage the final outcome of business is discussed.

The Company continues  to increase the competency of employee in every risk management field through internal training, seminar, and risk management discussion group, which is expected  able to improve the understanding on the awareness of the risk management.

Evaluation on the Effectiveness of Risk Management System

The Company has periodically evaluated  the effectiveness of risk management system of the Company by doing risk- based internal audit by SPI, internal audit by Internal Team, and assessment by the consultant.

Internal Audit of SPI

Internal audit conducted by the company’s organ, namely SPI, is risk-based audit. Audit object and audit focus are prioritized based on risks, from the biggest
to the smallest risks. Following audit process, the most significant activities of the Company will be reported to the Board of Directors to prepare  steps of improvement and anticipatory measures.

Internal Audit

Internal Audit is performed every semester  in all work units, the Board of Directors is no exception. It is performed by internal team of the Company that  has been provided with knowledge of how to do its job. IA comprises audit of ISO Management, Equipment Management, SMK3 and Risk Management implementation. Furthermore,  IA’s findings have to be improved by related Work Unit that  is stated  in Preventive Action Plan which is also monitored during its implementation. Audit findings are reported to the Board of Directors, the findings include evaluation on the performance of each work unit.

Assessment by Independent Consultant

The Company periodically conducts  measurement level of risk management implementation by independent risk management consultant. Assessment object is the whole instruments of the Company,  from the Board of Directors to the management level in the field. Assessment results provide estimation  of achievement level of risk management practices that  can be compared with previous periods. They can also provide suggestions for achievement increase in the next stage.  The three ways of evaluation can provide assurance  and certainty to the Company and stakeholders  to guarantee the sustainability of the developing business.

The Company’s  Risk Category

General description on the company’s risks, as well as the mitigation plan and the existing control in 2015 is as stated in the Corporate KPI that  has been determined as the parameter of target  achievement. The risk will be varied or unique,  and its management pattern will also be more specific. The category of risk posed to the company is as follows:

Risk Category