For the guidance in carrying out the designated responsibilities, tasks and functions, Our Company’s Corporate Risk Management Division has a Risk Management System Guidelines as the standard operating procedures and Risk Management quality standards which refer to the standards set by the ISO 31000; develop Key Performance Indicators (KPI) as a measurement for performance. The Corporate Risk Management Division also evaluates the implementation of work programs, KPI, constraints and solutions for sustainable improvements.

The entire work guidelines set out by the Corporate Risk Management Division is evaluated on a periodical basis while updates are conducted in accordance with the development in Our Company’s needs as well as the expected best practices.

Our Company sets Risk Control Self Assessment (RCSA) policies to actively engage risk owners to perform risk management, with Corporate Risk Management Division as the coordinator, facilitator and evaluator of the implementation of the Corporate Risk Management System. Corporate Risk Management adheres to all levels of the organization, implying that all levels of the organization have the risks that must be managed in accordance with the functions, authority, duty, reporting system and coordination scheme within the organization.

The evaluation of the risk management system’s effectiveness is conducted by the President Director upon the Periodical Report presented by the Corporate Risk Management Division. The risk management system has been considered effective, particularly with regards to the handling of prime risks components which were related to uncertainties in various external challenges faced by Our Company covering commodity prices, climate effects as well as socio-environmental conditions.

Risk management activities were focused on the updating of programs in accordance with the needs and the development of objectives of each business unit, covering: a) Implementation of Corporate Risk Management System, b) Development of Organization Components and Human Resources, and c) Improvement of Internal Business Processes. In the implementation, the Corporate Risk Management Division periodically conducts regular risk appraisal, develops risk assessments, makes revisions or enhancements of risk responsibility and control, maintains the flow of information and communications, and monitors the performance of compliance with the implementation of risk management.

Implementation of Corporate Risk Management (Sistem Manajemen Risiko - SMR)

The implementation of the Corporate Risk Management System covered: Operational Risks Assessment (plantations and processing plants), Social Risks Assessment and Project Risks Assessment, initiating the formulation of assessment guidelines and mechanisms for risks pertaining to quality, environmental issues and OHS, as well as conducting the socialization and migration process (including coaching, formulation of risk profiles for quality, envirionmental issues and OHS) related to the latest changes in risk-based ISO standards for quality management system (ISO 9001:2015), environmental issues (ISO 14001:2015) and OHS (ISO 45001).

Development of Organizational Components and Human Resources

Competency development programs for Our Company’s risk analysts were conducted in the forms of discussions forum, scientific writing and/or risk assessment, as well as practice sharing sessions with both internal and external risk management officers.

Internal Business Process Improvements

In the attempts of sustainable performance enhancement, the Corporate Risk Management Division has implemented internal process improvements in the forms of: 

• preparation of the Annual Work Plan and Budgeting; 
• updates of the Corporate SMR Guidelines including but not limited to the Risk Charter, standards of policies and procedures, work flow, paper format standards, and reporting standards; 
• periodical performance evaluation; 
• implementation of sustainable improvements; and 
• periodical management reporting.