135 PT ASDP Indonesia Ferry Persero Annual report 2013 1. Pemeriksaan Tahunan PKPT terhadap 19 cabang dari rencana kerja fungsi satuan Pengawas Internal sPI 2013 sebanyak 31 cabang. biaya pemeriksaan yang telah terealisasi selama 2013 sebesar rp1,26 miliar. 2. melaksanakan pendampingan Kantor akuntan Publik KAP untuk general audit 2012 pada bulan Januari- Februari 2013 sebanyak 12 cabang dan general audit 2013 pada bulan oktober-Desember 2013 serta bulan Januari 2014 sebanyak 11 cabang. 3. Pendampingan bPK rI untuk audit penugasan dari Direksi dan merealisasikan pemeriksaan terhadap 3 cabang yakni cabang merak, bekauheni dan lembar serta melaksanakan penugasan khusus dari Direksi terhadap 3 cabang yakni cabang bangka, Kupang, dan banda Aceh. Evaluasi Terhadap Efektivitas Sistem Pengendalian Internal

a. Evaluasi Terhadap Efektivitas Sistem Pengendalian Keuangan

evaluasi yang telah dilakukan Perseroan terhadap efektivitas sistem pengendalian internal menjadi salah satu fondasi bagi Perseroan untuk terus melaksanakan perbaikan dan penyempurnaan sistem pengendalian yang dapat meningkatkan pertumbuhan perusahaan. evaluasi tersebut salah satunya dilakukan melalui laporan keuangan Perseroan. Dalam melakukan evaluasi, Perseroan menggunakan kriteria yang telah ditetapkan oleh Internal Control - Integrated Framework yang telah dikeluarkan oleh coso. berdasarkan penilaian ini, Dewan Komisaris dan Direksi menyimpulkan bahwa hingga tanggal 31 Desember 2013, sistem pengendalian internal Perseroan atas laporan keuangan telah berjalan dengan efektif.

b. Evaluasi Terhadap Efektivitas Sistem Pengendalian Operasional

selain itu, evaluasi juga dilakukan melalui Unit Audit Internal. Unit Audit Internal melakukan upaya peningkatan pengendalian internal internal control dalam berbagai kegiatan operasional Perseroan. hasil evaluasi atas pelaksanaan 1. conducting Annual Audit PKPT on 19 out of 31 branch offices determined in the work plan of Internal Audit at the beginning of the year. The audit fee of 2013 amounting to rp1.26 billion. 2. mentoring the Public Accounting Firm which was appointed to conduct 2012 general audit in January- February 2013 on 12 branch offices and 2013 general audit in January 2014 on 11 branch offices. 3. mentoring bPK rI in conducting audit as delegated by the board of Directors on 3 branch offices, i.e.: merak, bakauheni, and lembar branches, as well as conducting special delgations from the board of Directors on bangka, Kupang, and banda Aceh branches. Assessment on the Effectiveness of Internal Control System

a. Assessment on the Effectiveness of Financial Control System

The assessment that had been conducted by the company on the effectiveness of internal control system became a foundation for the company to always conduct improvement and refinement on the control system, which in turn contributed to the growth of the company. The evaluation was conducted in several ways, and one of them was through the company’s financial report. In conducting the evaluation, the company utilized criteria set by the Internal control – Integrated Framework issued by coso. based on the evaluation, the boards of commissioners and Directors concluded that up until December 31, 2014, the company’s internal control system on financial statement had run effectively.

b. Assessment on the Effectiveness of Operational Control System

Aside from that, assessment also had been conducted through the Internal Audit Unit, which made an effort to improve the internal control in various operations of the company. The assessment result on the implementation of internal control TATA kElolA PERusAhAAN Good Corporate Governance 136 PT ASDP Indonesia Ferry Persero laporan Tahunan 2013 sistem pengendalian internal menjadi salah satu dasar evaluasi manajemen terhadap efektifitas sistem pengendalian internal untuk menentukan perbaikan dan penyempurnaan sistem ataupun kebijakan yang memungkinkan manajemen dapat secara lebih efektif menjalankan kegiatan operasional Perseroan.Pengendalian internal di lingkungan Perseroan senantiasa dievaluasi agar mampu mengikuti perkembangan bisnis Perseroan. MANAJEMEN RISIKO Gambaran Umum Sistem Manajemen Risiko Perseroan sistem manajemen risiko Perseroan berfungsi untuk mengelola risiko perusahaan yang mencakup identifikasi, pengendalian, serta evaluasi atas risiko-risiko yang berpotensi mengganggu aktivitas bisnis, kelangsungan usaha, dan menyebabkan tidak tercapainya tujuan Perseroan. Identifikasi risiko menjadi langkah awal dalam penerapan sistem manajemen risiko Perseroan. Perseroan meyakini bahwa penerapan identifikasi risiko secara akurat dan komprehensif sangat penting untuk dilakukan. Perseroan senantiasa mengumpulkan data sebanyak mungkin untuk melihat potensi risiko yang dilakukan melalui survei, wawancara, data historis, dan brainstorming dalam rapat antar divisi. risiko yang dapat terjadi dalam aktivitas usaha umumnya bersumber dari unsur ketidakpastian yang menyebabkan tertekannya profitabilitas hingga dapat menimbulkan kerugian. Proses identifikasi risiko memudahkan Perseroan untuk mengetahui bahaya yang ditimbulkan terkait aktivitas bisnis Perseroan. setelah itu, Perseroan melakukan pengendalian risiko dengan menggunakan pendekatan terstruktur mulai dari penilaian risiko hingga pengembangan strategi untuk mengelola dan menyusun mitigasi risiko. Khusus mitigasi risiko, Perseroan menggunakan sumber daya yang dimiliki perusahaan. Dalam proses ini, Perseroan menyusun serangkaian rencana kegitan penanganan guna memperkecil eksposur risiko. Perseroan juga melakukan evaluasi atas keefektifan sistem manajemen risiko yang dilakukan secara berkala. TATA kElolA PERusAhAAN Good Corporate Governance system became one of the bases for management evaluation on the effectiveness of internal control system. The aim of this evaluation is to determine the improvement and refinement for the system, as well as the policy which will make the management to be able to run operations effectively. The internal control system in the company’s environment is constantly evaluated in order to follow the development of the company’s business activities. RISK MANAGEMENT Overview on the Risk Management System of the Company risk management system of the company serves to manage the company’s risk and consists of identification, control, and evaluation on the risks that have potential in disturbing the company’s business activities, existence, as well as leading to the company’s failure in embracing its objectives. Identification of risks is the first step in the implementation of the company’s risk management system. The company is certain that an accurate and comprehensive implementation of risk management system is very important. To observe the potential risks that will be faced, the company gathered data as much as possible through surveys, interviews, history, and brainstorming activities in the meetings between each division. The risks that may happen in business activities generally come from uncertainty factor which results in a pressure on the profit and consequently brings loss. The risk identification process enables the company to be aware of the danger that may be incurred related to the business activities of the company. Furthermore, the company conducts risk control by utilizing a structured approach, starting from the risk evaluation to the strategy development, in order to manage and mitigate the risks. The company utilizes its own resources, especially to mitigate risks. In this process, the company prepares a series of treatment activities to lessen risks exposure. The company also evaluates the effectiveness of risk management system which is done periodically. 137 PT ASDP Indonesia Ferry Persero Annual report 2013 TATA kElolA PERusAhAAN Good Corporate Governance sistem manajemen risiko Perseroan yang diatur dalam Pedoman manajemen risiko perusahaan berfungsi untuk mengelola risiko perusahaan. Pedoman tentang Penyelenggaraan Proses manajemen risiko merupakan proses yang berlangsung berulang dan terus menerus yang pada dasarnya terdiri dari Proses Awal, Proses Inti dan Proses Penunjang manajemen risiko. Proses Awal meliputi membangun lingkungan intern dan menyusun konteks. Proses Inti meliputi Assessment risiko atas risiko-risiko yang berpotensi mengganggu aktivitas bisnis, kelangsungan usaha, dan menyebabkan tidak tercapainya tujuan Perseroan dan melaksanakan tindak lanjut tanggapan perlakuan atas risiko. Proses penunjang manajemen risiko meliputi melakukan Kaji Ulang risiko, melakukan Pemantauan, melakukan Komunikasi, melakukan Konsultasi dan melakukan Dokumentasi. sepanjang 2013 Perseroan telah melaksanakan beberapa sub program, antara lain: • Konsolidasi kualitas daftar risiko dan pelaksanaan assessment risiko unit kerja pusat dan cabang sebagai bahan daftar risiko Direktorat, dengan pelaksanaan rekapitulasi dan analisis hasil assessment risiko unit kerja pusat dan cabang; konsolidasi daftar risiko unit kerja kantor pusat dan cabang sebagai bahan penentuan risiko Direktorat Direktorat Usaha Penyeberangan, Direktorat Utama dan Direktorat Usaha Pelabuhan, Direktorat sDm dan Umum serta Direktorat Teknik; validasi hasil konsolidasi daftar risiko unit kerja kantor pusat dan cabang sebagai bahan penentuan daftar risiko Direktorat Direktorat Keuangan, Direktorat Usaha Penyeberangan, Direktorat Utama, Direktorat Usaha Pelabuhan, Direktorat sDm dan Umum serta Direktorat Teknik serta komunikasi dan validasi daftar risiko korporat. • Pengesahan pedoman umum manajemen risiko oleh Direksi dan Dewan Komisaris. • Pencetakan dan pendistribusian buku Pedoman manajemen risiko boD,boc, Unit Kerja Kantor Pusat dan cabang. The companys management risk system, stipulated in the risk management Guidelines, functions to manage and mitigate the companys risk. Guidelines on the Implementation of risk management Process is the main referral to execute the procedure for managing risks, which comprising three main process, namely Initial Process, core Process, and risk management supporting Process. Initial Process of risk management aims to develop an internal environment and compose the context. core Process encompasses risk Assessment on risks that have the potential to disrupt business activities and existence as well as causing the objectives if the company cannot be achieved. In addition, this process will generate follow-ups response on the risks. risk management supporting process covers the activities of risk review, monitoring, communicating, consulting, and documenting. Throughout 2013, the company had conducted several sub- programs related to risk mangement, such as: • consolidation on the quality of risks and implementation of risk assessment in central and branches work unit as a part of Directorates list of risk through the implementation of recapitulation and analysis of the result of risk assessment conducted in central and branches work units; consolidation on the list of risks of work units in headquarters and branches as a part of Directorate risk determination Ferry services, main and Port services, hr GA, as well as engineering Directorates; approval for the results of consolidation on the list of risks of work units in headquarters and branches as a part of Directorate risk determination Ferry services, main and Port services, hr GA, as well as engineering Directorates, as well as communication and approving the corporates list of risks. • Approval for the general guidelines of risk management by the board of Directors and board of commissioners. • Publication and Distribution of risk management Guidelines to the board of Directors, board of commissioners, and all work units in the headquarters and branch offices. 138 PT ASDP Indonesia Ferry Persero laporan Tahunan 2013 • Penyusunan prosedur manajemen risiko • Penerapan manajemen risiko melalui analisis daftar risiko dan hasil pengukuran risiko Leasing kapal bekas per 31 Desember 2012 dan review risk profile unit kerja dan cabang sinabang, Tual dan Kupang. Jenis Risiko dan Pengelolaannya Jenis risiko dan pengelolaannya yang diselenggarakan oleh Perseroan selama 2013 sebagai berikut:

a. Risiko Pemasaran: risiko Pemasaran adalah tidak