550 bank bjb Laporan Tahunan 2014 LIUJTBS4BIBN0CMJHBTJ OBMJTB1FNCBIBTBOBUBT,JOFSKB1FSTFSPBO Tata Kelola Perusahaan 5BOHHVOH+BXBC4PTJBM1FSVTBIBBO -BQPSBO,FVBOHBO,POTPMJEBTJBO BUB1FSVTBIBBO SISTEM PENGENDALIAN INTERNAL The essence of the operational aspect audit is UIF UFTU CZ UIF OUFSOBM VEJUPS PO UIF FGmDJFODZ and effectiveness of activities implementation performance objectives, the achievement of set goals and objectives.

2. Conformity of Internal Control with COSO

1. Control Environment The Board of Directors and the Board of Commissioners as stakeholders in the Company has established TFWFSBMQPMJDJFTBOENFBTVSFTUIBUSFnFDUUIFPWFSBMM management control. a. Establish the bankers’ code of conduct b. Establishment of corporate values which is SFnFDUFEJOCFIBWJPST c. Determination of 2014 as the zero tolerance for Fraud year. d. Determination of the Organizational Structure in accordance with the company’s business model. 2. Risk Assessment Effective internal control system can identify and BOBMZ[FUIFSJTLTUIBUBSFNBUFSJBMMZBOETJHOJmDBOUMZ will affect the achievement of the goals and objectives of the Bank. The review should cover all risks faced by the Bank on a consolidated basis among others: credit risk, market risk, liquidity risk, operational risk, legal risk, reputation risk, compliance risk, and strategic risk. 5PQ NBOBHFNFOU IBT JEFOUJmFE BOBMZ[FE BOE assessed 8 eight consolidated risks. The Risk Management Division, Internal Audit and Compliance JWJTJPOBSFJOTZOFSHZJODPOEVDUJOHSJTLJEFOUJmDBUJPO and assessment. 3. Control Activities The Board of Directors has undertaken actions that regulates for any activities undertaken by all employees to have adequate internal control. The measures are, among others: a. Develop, establish and approve policies and standard operating procedures. b. Determination and separation of duties and responsibilities of each employee in accordance with the position. Substansi dari audit aspek operasional ini adalah QFOHVKJBO PMFI VEJUPS OUFSO NFOHFOBJ FmTJFOTJ dan efektivitas dari pelaksanaan kegiatan performance objectives, pencapaian tujuan dan sasaran yang telah ditetapkan.

2. Kesesuaian Pengendalian Internal dengan COSO

1. Control Environment Direksi dan Dewan Komisaris sebagai pemangku kepentingan dalam Perusahaan telah menetapkan beberapa kebijakan dan tindakan yang mencerminkan keseluruhan pengendalian manajemen. a. Menetapkan code of conduct bankir b. Penetapan nilai-nilai budaya perusahaan corporate value yang tercermin dalam 14 perilaku. c. Penetapan tahun 2014 sebagai tahun zero tolerance for Fraud. d. Penetapan Struktur Organisasi sesuai dengan model bisnis perusahaan. 2. Risk Assessment Sistem pengendalian intern yang efektif dapat NFOHJEFOUJmLBTJ EBO NFOFMBBI SJTJLP ZBOH TFDBSB NBUFSJBM EBO TJHOJmLBO BLBO NFNQFOHBSVIJ pencapaian tujuan dan sasaran Bank. Penelaahan harus mencakup seluruh risiko yang dihadapi Bank secara konsolidasi antara lain: risiko kredit, risiko pasar, risiko likuiditas, risiko operasional, risiko hukum, risiko reputasi, risiko kepatuhan, dan risiko strategik. Manajemen puncak telah melakukan untuk NFOHJEFOUJmLBTJ NFOHBOBMJTBEBONFOJMBJ EFMBQBO risiko secara konsolidasi. Divisi Manajemen Risiko, Divisi Audit Internal dan Kepatuhan berseinergis EBMBNNFMBLVLBOJEFOUJmLBTJEBOQFOJMBJBOSJTJLP 3. Control Activities Direksi telah melakukan tindakan yang mengatur agar setiap aktivitas yang dijalankan oleh seluruh karyawan memiliki pengendalian internal yang memadai. Adapun tindakan tersebut antara lain: a. Menyusun, menetapkan dan menyetujui kebijakan serta standar operasional prosedur. b. Penetapan dan pemisahan tugas serta tanggung jawab setiap pegawai sesuai dengan jabatan. 551 bank bjb Annual Report 2014 4UPDL0CMJHBUJPOJHIMJHIUT .BOBHFNFOUJTDVTTJPOOBMZTJTPOPNQBOZ1FSGPSNBODF Good Corporate Governance PSQPSBUF4PDJBM3FTQPOTJCJMJUZ POTPMJEBUFEJOBODJBM4UBUFNFOUT Corporate Data INTERNAL CONTROL SYSTEM c. Establish the policy on authorization limit H a s established and implemented Business Continuity Management such as the DRC Disaster Recovery Center and BRC Bussiness Recovery Center. 4. Information and Communication Information is an important aspect in every activity of the company, one of which is in decision making. Good information must have good quality with correct, accurate and timely information criteria. The Board of Directors has built an effective information and communication system with good quality. Policies and actions that have been carried out by top management are as follow: a. Utilizing internet-based applications by observing the level of security and the level of access in accordance with the duties and responsibilities. b. Financial and accounting transaction processes have used the latest standards, namely PAPI Indonesian Banking Accounting Regulation. D 5IF PNQBOZT mOBODJBM JOGPSNBUJPO IBT CFFO audited by a public accountant. 5. Monitoring The Board of Directors evaluates internal control implementation in all activities of the bank. Evaluation of the internal control implementation is carried out by the Internal Audit Division. The Internal Audit Division submit the Audit Report to the Board of Directors and the Board of Commissioners, as well as a copy to the Compliance Director. In addition, the Audit Activity Report is reported to Bank Indonesia every 6 six months.

3. Description of Evaluation on the Effectiveness of the Internal Control System