Laporan Tahunan 2016 | BANKALTIM 2016 annual report | BANKALTIM 288 • Menyusun, menetapkan dan mengkinikan prosedur dan alat untuk mengidentiikasi, mengukur, memonitor dan mengendalikan risiko di BPD Kaltim. • Menyusun dan menetapkan mekanisme persetujuan transaksi termasuk limit kewenangan. • Menetapkan struktur organisasi termasuk wewenang dan tanggung jawab yang jelas pada setiap jenjang jabatan yang terkait dengan penerapan Manajemen Risiko. • Memastikan pelaksanaan langkah-langkah perbaikan atas permasalahan atau penyimpangan dalam kegiatan usaha Bank yang ditemukan Satuan Kerja Audit Intern. • Mengembangkan budaya risiko, diantaranya dengan mengikutsertakan karyawan atau pejabat untuk mengikuti sertiikasi manajemen risiko sesuai dengan jenjang jabatannya b. Kecukupan kebijakan, prosedur, dan penetapan limit Kebijakan Manajemen Risko memberikan arahan tertulis dalam menerapkan Manajemen Risiko yang sejalan dengan visi, misi, strategis bisnis Bank. Kebijakan dan prosedur didesain dengan memperhatikan karakteristik dan komplesitas kegiatan usaha, tingkat risiko yang akan diambil, proil risiko serta yang ditetapkan otoritas dan atau praktek perbankan yang sehat. Kebijakan, prosedur, dan penetapan limit yang telah disusun oleh bank antara lain adalah : • Penetapan metode dalam melakukan identiikasi, pengukuran, pemantauan, dan pengendalian risiko serta sistem informasi manajemen risiko; • Penetapan kewenangan dan besaran limit secara berjenjang termasuk batasan transaksi yang memerlukan persetujuan Direksi; • Struktur organisasi yang secara jelas merumuskan peran dan tanggung jawab Dewan Pengawas, Direksi, Komite-komite, Satuan Kerja Audit Intern, dan Satuan kerja pendukung lainnya; • Develop, establish and update the procedures and tools to identify, measure, monitor and control risks in BPD Kaltim. • Develop and establish mechanisms of approval of the transaction, including limit and authority. • Deine the organizational structure including authority and responsibility clearly on every level of the position related to the implementation of Risk Management. • Ensure the implementation of remedial actions for problems or deviation in the Bank’s business activities discovered by Internal Audit Unit. • Develop risk culture , such as by involving employees or oicials to follow risk management certiication in accordance with the level of their position level. b. The adequacy of policies, procedures, and limit Risk Management Policy gives written brief in implementing risk management that in line with the vision, mission, business strategic of Bank. Policies and procedures are designed with attention to characteristics and complexity of business activities, the level of risk to be taken, as well as the risk proile deined by authority and or healthy banking practices. Policies, procedures, and limit which has been prepared by the bank such as: • Determination of the methods in the identiication, measurement, monitoring, and controlling risks as well as risk management information system; • Determination of the powers and limit amount gradually including transactions limit that requires Board of Directors’ approval; • The organizational structure that clearly deines roles and responsibilities of Supervisory Board, Board of Directors, Committees, Internal Audit Unit, and other supporting work unit; Laporan Tahunan 2016 | BANKALTIM 289 2016 annual report | BANKALTIM • Kebijakan rencana kelangsungan usaha business continuity plan atau business continuity management. c. Kecukupan proses identifkasi, pengukuran, pemantauan, dan pengendalian risiko serta Sistem Informasi Manajemen Risiko Kegiatan proses identiikasi, pengukuran, pemantauan, dan pengendalian risiko bank dinilai cukup memadai. • Proses identiikasi yang dilakukan dengan melakukan analisis karakteristik Risiko yang melekat pada Bankdan Risiko dari produk dan kegiatan usaha Bank. • Proses pengukuran yang diterapkan oleh Bank masih bersifat standar sesuai dengan ketentuan Otoritas Jasa Keuangan dan bank belum mengembangkan pengukuran dengan metode internal, Untuk melengkapi system pengukuran Risiko dengan cara melakukan Stress testing dengan menggunakan skenario tertentu guna melihat sensivitas kinerja bank. • Proses pemantauan risiko telah dituangkan dalam suatu prosedur pemantauan risiko dan berjalan cukup efektif. • Proses pengendalian risiko disesuaikan dengan eksposure risiko maupun tingkat risiko yang akan diambil Bank, diantaranya dengan metode mitigasi risko. • Sistem informasi manajemen risiko Bank dinilai masih cukup memadai dan terus dilakukan penyempurnaan didalam pelaksanaannya serta tepat waktu. d. Sistem pengendalian intern yang menyeluruh Proses sistem pengendalian intern Bank cukup efektif ditandai dengan berjalannya antara lain: • Penetapan wewenang dan tanggung jawab untuk pemantauan kepatuhan kebijakan, prosedur, dan limit; • Policy of business continuity plan business continuity plan or business continuity management. c. The adequacy of the process of identiication, measurement, monitoring, and controlling risks as well as the Risk Management Information System. Activities of identiication, measurement, monitoring, and controlling bank risk was considered good enough. • The identiication process carried out by did risk characteristic analysis attahced in Bank and risk of Bank’s product and business activites. • The measuring process applied by the Bank is still considered standard in accordance with Otoritas Jasa Keuangan and the bank has not developed measurment by internal method, To complete the risk measurement system by conducting stress testing by using certain scenario to see the sensitivity of Bank’s performance. • The process of risk monitoring have been set out in a risk monitoring procedure and runs quite efective. • The process of risk control and risk exposure is adjusted to risk exposure and risk lavel to be taken by the Bank,such as by mitigation method. • Bank risk management information system is still considered adequate and is being continously improved in its implementation as well as punctual. d. Comprehensive internal control system The process of the Bank’s internal control system is efective, marked by the implementation of: • Determination of authority and responsibility for monitoring compliance to policies, procedures and limits;