INTERNATIONAL JOURNAL OF SOCIAL SERVICE AND RESEARCH

 

RISK MANAGEMENT AT THE AGENCY INSPECTORATE XYZ

Nurlinda Dewi Kusumah, Lukman Mohammad Baga, Popong Nurhayati

Business School of Bogor Agricultural University, Bogor Agricultural University, Bogor Agricultural University

Email: [email protected], [email protected], [email protected]

 

Abstract

Risk management in the government environment is currently still not implemented effectively in all government institutions, including the XYZ Agency Inspectorate. Whereas risk management is able to assist the government in achieving its goals and there are regulations to implement it, namely Government Regulation no. 60 of 2008. This study aims to analyze the application of risk management at the XYZ Agency Inspectorate. The benefit of conducting this research is that it can provide management with an understanding of the results of the risk management portrait so that it can decide on the treatment of risks that have the potential to threaten the achievement of activity objectives. Qualitative research methods are carried out through literature studies, normative studies and prospective studies. The method used in this research is a qualitative approach with descriptive analysis research type. The results obtained from this study are that the implementation of risk management in the XYZ Agency's Inspectorate has not been optimally carried out because it is still using the XYZ Agency's risk management standards.

 

Keywords: Government; Inspectorate; Risk Management

 

Received 20 November 2021, Revised 30 November 2021, Accepted 10 December 2021

 

 

Introduction

This research method is carried out in a qualitative description through literature studies, normative studies and prospective studies using primary and secondary data. Qualitative description analysis is defined as a method of data analysis by describing, describing, and depicting the subject or object under study such as the interviewee, the institution that is the object of research, and a group of people at the time the research took place based on visible facts or what they are (Nawawi, 2003). 1991). Primary data comes from actors involved in activities at the Inspectorate in stages based on the main inspector's assignment letter consisting of quality controllers, technical controllers, team leaders and members. Primary data reveals verbal data from sources of information that are directly related to research (Arikunto, 2014). While secondary data is obtained through a study of internal control activities in other government sectors, central government regulations and other documents that can enrich primary data.

Testing the validity of the data is carried out in order to test that the data obtained is data with adequate validity. There are four ways in the data validity testing technique, namely 1) Test the credibility of the data which consists of a) Extending the observation period, b) Diligent, c) Triangulation, d) Discussion with friends, e) negative case analysis, and f) member check: 2) Transferability, 3) Dependability, and 4) Confirmability (Ahmad, 2019).

The research took place at the XYZ Agency Inspectorate in Jakarta during 2021. Please note that in 2021, XYZ Agency is the result of the integration of Non-Ministerial Government Institutions (LPNK). So it is necessary to harmonize regulations between LPNKs with one another

 

Method

This research method is carried out in a qualitative description through literature studies, normative studies and prospective studies using primary and secondary data. Qualitative description analysis is defined as a data analysis method by describing, describing, and describing the subject or object under study such as the interviewee, the institution that is the object of research, and a group of people when the research takes place based on visible facts or what they are (Nawawi, 2010). 1991). Primary data comes from actors involved in activities at the Inspectorate in stages based on the main inspector's assignment letter consisting of quality controllers, technical controllers, team leaders and members. Primary data reveals verbal data from sources of information that are directly related to research (Arikunto, 2014). Meanwhile, secondary data is obtained from studies on internal control in other government sectors, central government regulations and other documents that can be obtained through primary data.

Testing the validity of the data is carried out in order to test that the data obtained is data with adequate validity. There are four ways to test the validity of the data, namely 1) Trial data consisting of a) Extending the observation period, b) Perseverance, c) Triangulation, d) Discussion with friends, e) negative case analysis, and f) member check: 2) Transferability, 3) Dependability, and 4) Confirmability (Ahmad, 2019).

The research took place at the XYZ Agency Inspectorate in Jakarta during 2021. Please note that in 2021, XYZ Agency is the result of the integration of Non-Ministerial Government Institutions (LPNK). So it is necessary to harmonize regulations between LPNKs with one another.

 

Results And Discussion

The XYZ Agency Inspectorate was established on the basis of the Decree of the Head of the XYZ Agency regarding the Organization and Work Procedure of the XYZ Agency in 2006. The position of the XYZ Agency Inspectorate is a supervisory element that is under and responsible to the Head with a leader called the Inspector.

In September 2021, the XYZ Agency was officially merged together with the other five LPNKs based on the 2020 Presidential Regulation and its update in 2021. Automatically the merger experienced its own challenges and opportunities for the risk management process that has been carried out by APIP. The new understanding of business processes between LPNKs, harmonization of regulations, policies, mapping of human resources and so on has had its own effect.

1.    Guidelines for Risk Management at XYZ Agency

Just like other K/L in Indonesia, XYZ Agency is also in principle based on PP 60 of 2008 concerning SPIP. In 2013, the XYZ Agency made adocument for the grand design implementation of SPIP covering the basic concepts of SPIP, the implementation stages of SPIP, evaluation of the implementation of SPIP and action plans to strengthen the SPIP elements.

Based on the conditions and objectives to be achieved in the implementation of the XYZ Agency's SPIP, five priorities for the implementation of SPIP were determined, including:

1)   Improvement in the implementation of SPIP elements in accordance with the priorities and support of available resources.

2)   Effectiveness and efficiency of activities.

3)   Improving the reliability of financial reporting

4)   Increased compliance with laws and regulations and

5)   Securing state assets through the implementation of a system that can record the use of all resources in each activity implementation.

If you look at the contents of the XYZ Agency's risk management grand design, it can be concluded that the risk management standard used is in the form of The Committee of Supporting Organizations of the Treadway Commission's (COSO) standard. This is identical to the standard used by the internal monitoring agency in Indonesia, namely BPKP. The COSO standard uses a framework in the form of a control environment, risk assessment, control activities, information and communication, as well as internal monitoring and control.

In interviews that have been conducted with several members of the Inspectorate of XYZ, the answers vary, the secretary of the Inspectorate said that the inspector is responsible and who must have a commitment, although after all the performance of the Inspectorate depends on the commitment of the inspector himself. Meanwhile, according to the Sub-Coordinator for Administration, it is the responsibility of Quality Control as the leading sector in internal control activities. Regardless of all these opinions, when referring to the implementation of the XYZ Agency's SPIP, those responsible are all personnel of the XYZ Agency's Inspectorate and the one who acts as the head of the risk management team is the Inspector himself. This is important because one of the principles of Risk Management is that it is part of an organizational process. So Risk Management is not a separate activity or has its own activities, but part of every activity.

With increasingly massive socialization, it is easier to implement risk management in every program/activity or even in every smallest line of entities, namely individuals. To respond to this, in 2017 a Decree of the Head of XYZ Agency was made regarding the supervisory policy at the XYZ Agency Inspectorate, one of which mentions the implementation of SPIP through risk assessment assistance throughout the XYZ Agency. Here it can be concluded that the role of the Inspectorate is very important in the implementation of risk management.

Risk-based audit activities must include a risk map that has been identified by the inspectorate. The risk map is useful for determining risk-based audit priorities. However, because Risk Management has not been fully implemented, especially in the Annual Monitoring Activity Program (PKPT), for the time being an audit priority assessment is carried out by identifying the units and work units that have the largest budgets and the most findings. The bigger the budget, the higher the risk, and therefore the audit priority. Actually, a risk-based audit like this is still not effective and not perfect. Implementation of Risk Management cannot be done half-heartedly, it must be done simultaneously to get maximum results. However, the efforts made by the XYZ Agency Inspectorate need to be appreciated as the basis for implementing effective risk management in the future.

2.    Risk Management Implementation Process

According to the XYZ Agency Inspector, risk management has begun to be applied to the XYZ Agency Inspectorate in 2017. In order to implement risk management more deeply, socialization and workshops are often held with resource persons from BPKP. Even though the participants in the socialization and workshop were attended by all employees, the understanding of risk management could not be optimized in all activities.

Based on the observation of quality controllers, every government activity is never free from risk, so even in planning the government still has to consider the risks that could potentially occur. Even the answer from one of the representatives of the work unit said that in planning programs and monitoring activities, risk management must be carried out, by considering several risk aspects that may occur in the implementation of programs or activities. If referring to existing standards, risk management should be applied starting from setting the context to reporting, what is more important than that is a risk assessment consisting of risk identification, risk analysis, and risk evaluation. From the three processes, a risk profile will be formed which will be a reference in making decisions on how to mitigate these risks. However, such a process has not yet been implemented.

There needs to be good synergy and cooperation between all elements of the XYZ Agency Inspectorate to implement effective risk management. There needs to be a commitment from the Inspector to continue to make improvements and increase the application of risk management at the XYZ Agency Inspectorate. The steps that can be taken for the implementation of risk management at the XYZ Agency Inspectorate are as follows:

1)    Strengthening the control environment, through: enforcement of integrity and ethical values, commitment to competence, conducive leadership, formation of teams that are in accordance with needs, proper delegation of authority and responsibility, formulation and implementation of sound policies and development of human resources, as well as working relationships.

2)    Risk assessment

In carrying out its duties and functions, the Inspectorate faces risks that may hinder the achievement of objectives. Therefore, the Inspector provides a policy to identify and analyze risks on the achievement of objectives both at the strategic level and at the technical level. Risk identification and analysis is carried out mainly on activities that are in accordance with the direction of the supervisory policy, namely audit, review, evaluation, monitoring and other supervision.

3)    Control

Identification of the main activities and risk assessment of those that have been carried out previously. Broadly speaking, risk management includes two control activities, namely reducing the possibility of risk occurring (prevention); 2. Reducing the impact of risk (reduce); 3. Share or transfer risk (share); 4. Accept the risk (accept); and 5. Avoiding risk (avoid).

4)    Information and communication

The implementation of the fourth element of SPIP can be done by developing an information system that can be accessed by all human resources in the XYZ Agency inspectorate. Information and communication of SPIP can follow information system development methodologies such as analysis, design, development and implementation.

5)    Monitoring

Monitoring is a process of assessing the quality of internal control performance in a certain process. Monitoring is carried out to maintain and ensure that the implementation of risk management is carried out in accordance with applicable guidelines and there are no deviations in its implementation. Monitoring is carried out by every element that carries out risk management in the Inspectorate.

All stages of risk management have not been fully implemented by the XYZ Agency Inspectorate. The guidelines already exist but there is no implementation yet. One of them is caused by the absence of a Working Terms of Reference (TOR) as the basis for implementing detailed control activities. In the KAK document, the Budget Plan (RAB) is submitted, the timeline, the amount of resources needed and the technical implementation.

 

Conclusion

Based on the description in the previous chapter, the researcher concludes several things as follows:

1.     Guidelines on the application of risk management within the XYZ Agency Inspectorate are still in the process of being drafted, so that the basis for the guidelines is still using risk management guidelines at the institutional level.

2.     Risk management activities that have been taking place at the Inspectorate are still using XYZ Agency regulations with the output in the form of assessment results by mapping on a risk map. The action plan document is not followed up properly to be able to produce a continuous improvement.

3.     The preparation of PKPT has not used the basis of risk management so that from the beginning of planning to implementation there are still repeated obstacles and obstacles.

 

 

 

 

REFERENCES

 

Ahmad, Fahrizal Maizi. 2019. Analysis of Risk Management in Realizing Good Governance in the West Bandung Regency Government. Vol 10 No. 1. Proceedings of Industrial Research Workshop and National Seminar: Bandung State Polytechnic.

 

Ari, Julie. 2020. Implementation of Risk Management in the Public Sector: Urgency and Challenges. Paris Review. 2020 Edition/ No. 12 ISSN: 2088-2890.

 

Arikunto Suharsimi. 2014. Research Procedures; A Practical Approach. Jakarta: PT Rineka Cipta.

 

Hadari Nawawi. 1991. Research Methods in the Social Field. Yogyakarta: Gadjah Mada University Press.

 

Kamal, Mostopha. 2019. Map of Government Management Risk. BPKP Pusdiklatwas. Available at: http://www.bpkp.go.id/public/upload/unit/puslitbangwas/files/Peta%20Risiko%20Manajemen%20Government.pdf .

 

[Ministry of Finance] Ministry of Finance 2016. Guidelines for the Implementation of Risk Management within the Ministry of Finance. Available at: https://www.kemenkeu.go.id/media/5315/kmk-no-845-kmk01-2016.pdf .

 

[LKPP]. Government Goods/Services Procurement Policy Institute. 2016. Managing Risk, Competency Unit 29, 2016 SKKNI material. Jakarta: LKPP.

 

[BSN] National Standardization Body. 2018. Grand Design of Risk Management Implementation at BSN 2018 � 2023. Available at: https://bsn.go.id/uploads/download/grand_design_manajemen_risiko.pdf .

 

ISO Indonesia Center. 2021. ISO 31000:2009 Risk Management Standard. Available at: https://isoindonesiacenter.com/iso-31000-standar-manajemen-risk/ .

 

[BPKP] Financial and Development Supervisory Agency. 2009. Risk Assessment, Module 3, Basic Government Internal Control System (SPIP) Training. Bogor: BPKP Pusdiklatwas.

 

[BPKP] Financial and Development Supervisory Agency. 2015. Risk Management of Public Sector Organizations, Substance Technical Training Module. Bogor : Pusdiklatwas BPKP.

[Kemdikbud] Ministry of Education and Culture. 2021. The Importance of Root Cause Analysis in School Quality Improvement. Available at: http://lpmpsulteng.kemdikbud.go.id/index.php/2021/08/02/pentingnya-root-cause-analysis-dalam-peningkatan-mutu-school/ .

Government Regulation No. 60. 2008. Government Internal Control System. BPKP, Jakarta.

 

 

� 2020 by the authors. Submitted for possible open access publication under the terms and conditions of the Creative Commons Attribution (CC BY SA) license (https://creativecommons.org/licenses/by-sa/4.0/).