164
2020 Integrated Annual Report
CORPORATE GOVERNANCE
Risk
Management
Risk Management Initiative in 2020
Understanding and managing company risks is part of how
we operate. It helps us to meet strategy and business objectives and legal and regulatory obligations. It also enlables us
to make informed decisions and act ethically in the best interest of the company and shareholders.
Risk Management
Framework
XL Axiata adopts ISO 31000 Framework as the guideline and principles in developing and implementing Risk Management in the Company.
The objective of our risk management framework is
to ensure risk management
is embedded within our governance, business and operations activities and culture.
The risk management begins with determining the context on the element requiring risk management. The Company then identifies, analyses and evaluates the potential risks. After knowing each risk then it should be followed by taking actions that are adjusted
to the risk. Each of working process must be monitored and reviewed to ensure the process is running effectively.
Risk Management Framework
Improvement 06
Integration
02
Design
03
     05
Evaluation
01
Leadership & Commitment
 PT. XL AXIATA TBK
TRANSFORM FASTER TO EMERGE STRONGER – GIVING BACK TO THE NATION
Risk Management System
04
In its application, the Company Enterprise Risk Management Oversight Structure follows the Three Lines model, target to manage and mitigate risks through the effective organisation of risk, control and oversight responsibilities that will limit the possibility of “gaps” while avoiding duplication of coverage.
1. 1st Line of Defense – Business unit and operations owners who are responsible identifying, assessing and managing risks related to the scope of work and its responsibilities.
2. 2nd Line of Defense - Risk and Compliance Management and other second line compliance function (Regulatory, Corporate Secretary, Health and Safety, Cyber Security) is responsible for implementing the company’s risk management and compliance framework, monitoring the effectiveness of its implementation.
3. 3rd Line of Defense - Internal Audit function, which is responsible in providing independent assurance on governance, risk management and internal control process.
Implementation