Risk Management Process and Enterprise Risk Management (ERM)
- Slides: 44
Risk Management Process and Enterprise Risk Management (ERM). Dr Arjaty Daud, MARS. Presented at a lecture of the Master of Hospital Administration Program, Univ Esa Unggul
Objectives
1. Students can state the objectives of the risk management process and enterprise risk management course
2. Students can outline the topics and schedule of the risk management process and enterprise risk management course
3. Students can describe the learning evaluation system and the required textbooks
4. Students are able to understand the competencies expected from the course
Arjaty Daud/Esa Unggul 2016 2
The Five Steps In The Risk Management Process (ARM)
1. Identify loss exposures
2. Examine potential risk management technique(s)
3. Select risk management technique(s)
4. Implement technique(s)
5. Monitor results
[Diagram: The Risk Management Process]
Identify/Analyze Exposure
• Risk Identification – identify the loss: Property, Net Income, Liability, Personnel
• Risk Analysis – Loss Frequency (How likely is it that a loss will happen?) + Loss Severity (How serious will the loss be?)
Treat the Exposure Through RM Techniques
• Risk Control – Risk Avoidance, Loss Prevention (frequency), Loss Reduction (severity), Segregation, Contractual Transfer (noninsurance)
• Risk Financing – Transfer (Non-insurer: hold harmless agreements; Insurer: a carrier) and Retention (Passive: not recognized; Active: noninsurance & self-insurance)
Risk Management Process
1. Risk Identification
– Categorize and record the sources of possible loss
2. Risk Analysis
• Determine the Frequency of Occurrence / Loss
• Determine the Probable Severity / Effect of Potential Loss on the Organization (Financial & Operational)
Arjaty Daud/2017 5
Risk Management Process
3. Risk Treatment
Risk control techniques:
1. Risk Avoidance
2. Loss Prevention
3. Loss Reduction
4. Segregation of Exposure Units
5. Non-Insurance Transfer
Risk financing:
1. Risk Transfer
2. Risk Retention
RISK CONTROL
1. Risk Avoidance
• Avoiding / not engaging in the activity that carries the risk
• The only risk control technique that completely eliminates the possibility of loss, by not engaging in the risk at all
2. Loss Prevention
Reduction / elimination of the likelihood of loss
Examples:
• Surgical Instrument Counts
• Infection Control Procedures
• Safety Programs
• Credentialing
• Effective Screening
• Monitoring of Care
3. Loss Reduction
• Reduction of the potential impact of a loss / reduction of the potential severity of a loss
• Examples
– Team to Respond to Cardiac or Respiratory Distressed Patients (Code Blue)
– Sprinkler System
– Crisis Management Team
4. Segregation of Exposure Units
• Separation:
– Dividing assets / activities across two or more separate locations (reduces the risk of loss in a single event)
• Contractual Transfer (Non-Insurance)
• Drawing up a contract that shifts legal responsibility for a loss from one party to another
RM is currently developing toward greater centralization (ERM) because of:
• Globalization of finance & business
• Integration of the insurance industry
• Increasing regulation
• Greater focus on corporate governance
• Clinical governance & patient safety
The traditional six-step RM process:
1. Risk identification
2. Risk analysis
3. Develop risk management techniques (treat risks)
4. Select the best risk management techniques (selection of best risk-treatment techniques)
5. Implement the selected techniques
6. Monitor and evaluate (Monev) the effectiveness of risk management
Enterprise Risk Management:
• integrates risk management more fully into the organizational structure
• is an interactive approach to identifying, analysing & managing risk by bringing risk management principles into corporate operations & the strategic plan (Renstra)
Definition of Enterprise Risk Management (ERM):
• A process carried out by the BOD and by management at every unit level, designed as part of the institution's strategy, to identify potential events that may affect the institution and to manage those risks so that the institution's objectives are achieved
• ERM uses a cross-functional approach to assess, evaluate, and measure all of the institution's risks, not only those related to transferable risks such as financial & hazard risks
The ERM Framework: 4 LEVELS, 4 CATEGORIES, 8 COMPONENTS
Objectives
• Within the context of establishing the corporate mission or vision, management sets strategic objectives, selects a strategy, and sets objectives aligned with the corporation
• The ERM framework is directed toward achieving the corporation's objectives.
FOUR CATEGORIES:
• Strategic – objectives aligned with the mission
• Operations – effective and efficient use of its resources
• Reporting – reliability of reporting
• Compliance – compliance with applicable laws & regulations.
Eight Components
ERM consists of EIGHT interrelated COMPONENTS, derived from the way management runs the corporation and integrated into the management process
1. Internal Environment
The internal environment encompasses the "tone" of the organization and sets how risk is identified and addressed by management, including the risk management philosophy, integrity and ethical values, and the environment in which they work
2. Objective Setting
Objectives must be set before management identifies potential events. ERM ensures that the organization is run in line with its mission
3. Event Identification
Internal & external events that affect the achievement of corporate objectives must be identified, distinguishing between risks and opportunities. For opportunities, refer back to the strategic plan (Renstra) when setting objectives
4. Risk Assessment
Risks are analysed, with their likelihood and impact calculated, as the basis for managing them
5. Risk Response
Management selects a response to the risk:
a. reject
b. accept
c. reduce
d. transfer
6. Control Activities
Policies & procedures are established & implemented to ensure that risk responses are carried out effectively
7. Information and Communication
Relevant information is identified and communicated in a form & timeframe that enable individuals to carry out their responsibilities. Effective communication also takes place broadly across the whole corporation (down, across and up)
8. Monitoring
ERM is monitored & modified where necessary. Monitoring is accomplished through management activities.
ERM is carried out at every level of the organization:
FOUR LEVELS:
• Entity-level
• Division
• Business unit processes
• Subsidiary
Areas to Assess: Definitions of Risk (ERM)
1. First definition: an event or action that can affect the hospital's financial or operational performance. Risk must be:
1. specifically defined
2. measurable, using standard accounting units such as revenue or patient visits
3. observable over time
2. Second definition: risks do not occur in isolation but are identified in groups
Risk domains:
1. Operational
2. Financial
3. Human Capital
4. Strategic
5. Legal/Regulatory
6. Technology
RISK DOMAINS:
1. Operational risk. Arises from the organization's core business practices. In healthcare organizations, operational risk relates to the delivery of healthcare services.
2. Financial risk. Relates to the organization's ability to raise and maintain access to capital, contract issues, the cost of risk, and the evaluation of supplier support. This domain includes risk financing, such as insurance.
3. Human capital risk. The organization's ability to acquire, manage, and retain workers. Workers' compensation, occupational and environmental hazards, turnover, absenteeism, workplace violence, harassment, and discrimination fall within this domain.
4. Strategic risk. Risks that affect the organization's growth. Strategic risks include mergers, acquisitions, joint ventures, and advertising liability. They also cover reputational risk related to public relations and to the performance that patients and payers expect of the organization.
5. Legal and regulatory risk. Includes risks related to mandated rules, regulations, laws and standards. In healthcare, these regulations and standards are numerous and complex. Examples: accreditation, and privacy and security regulations.
6. Technology risk. Relates to new technology. This is a growing risk domain in healthcare and includes biomedical devices, telemedicine, electronic medicine, risk management information systems, other obsolete information technology, and equipment.
Domain: Description / Example

Operational: The business of healthcare is the delivery of care that is safe, timely, effective, efficient, and patient-centered within diverse populations. Operational risks relate to those risks resulting from inadequate or failed internal processes, people, or systems that affect business operations. Included are risks related to: adverse event management, credentialing and staffing, documentation, chain of command, and deviation from practice.

Risks associated with the delivery of care to residents, patients and other healthcare customers. Clinical risks include: failure to follow evidence based practice, medication errors, hospital acquired conditions (HAC), serious safety events (SSE), and others.

Strategic: Risks associated with the focus and direction of the organization. Because the rapid pace of change can create unpredictability, risks included within the strategic domain are associated with brand, reputation, competition, failure to adapt to changing times, health reform or customer priorities. Managed care relationships/partnerships, conflict of interest, marketing and sales, media relations, mergers, acquisitions, divestitures, joint ventures, affiliations and other business arrangements, contract administration, and advertising are other areas generally considered as potential strategic risks.

Financial: Decisions that affect the financial sustainability of the organization, access to capital or external financial ratings through business relationships or the timing and recognition of revenue and expenses make up this domain. Risks might include: costs associated with malpractice, litigation, and insurance, capital structure, credit and interest rate fluctuations, foreign exchange, growth in programs and facilities, capital equipment, corporate compliance (fraud and abuse), accounts receivable, days of cash on hand, capitation contracts, billing and collection.

Human Capital: This domain refers to the organization’s workforce. This is an important issue in today’s tight labor and economic markets. Included are risks associated with employee selection, retention, turnover, staffing, absenteeism, on-the-job work-related injuries (workers’ compensation), work schedules and fatigue, productivity and compensation. Human capital associated risks may cover recruitment, retention, and termination of members of the medical- and allied-health staff.

Legal / Regulatory: Risk within this domain incorporates the failure to identify, manage and monitor legal, regulatory, and statutory mandates on a local, state and federal level. Such risks are generally associated with fraud and abuse, licensure, accreditation, product liability, management liability, Centers for Medicare and Medicaid Services (CMS) Conditions of Participation (CoPs) and Conditions for Coverage (CfC), as well as issues related to intellectual property.

Technology: This domain covers machines, hardware, equipment, devices and tools, but can also include techniques, systems and methods of organization. Healthcare has seen an explosion in the use of technology for clinical diagnosis and treatment, training and education, information storage and retrieval, and asset preservation. Examples also include Risk Management Information Systems (RMIS), Electronic Health Records (EHR) and Meaningful Use, social networking and cyber liability.

Hazard: This ERM domain covers assets and their value. Traditionally, insurable hazard risk has related to natural
Sample Risk List
Categories: Strategic / External; Operational; Human Capital; Financial; Legal & Compliance; Technology; Hazard
Items: Competition; Affiliation, Mergers & Acquisitions; Variability in Patient-Related Volume; Research Grant / Funding Availability; New Models for Care Delivery; Diminished Market; Regulatory Change / Healthcare Reform; Conflict of Interest; Decreased Capital Spending; Hospital/Physician Relationship; Availability of Public Data (HAI/HAC); Business Management Discipline / Cost Management; Equipment Maintenance; Failure to Identify & Follow EBM; Facility Maintenance; Timely Access to Care; Failure to Refer; Failure to Diagnose; Clinical Continuity; Insufficient Discharge Planning; Inconsistent Clinical Competency; Hiring & Retention; Organizational Structure, Alignment & Direction; Succession Planning; Unionization; Turnover; Recruitment; Aging Workforce; Disruptive Behavior; Flex Staffing; Workers’ Compensation; Physician Shortage; Credit / Collections; Financial Performance; Billing Accuracy / Compliance; Payer Mix / Reimbursements; Pension / Retirement Obligations; Philanthropy / Fundraising / Capital Campaign; Failure to Meet Margin; Uncompensated Care; Access to Capital; Contract Management; Revenue Enhancement; Conflicts of Interest; Fraud, Theft and Embezzlement; Governance, Compliance and Oversight; ACO; HIPAA Privacy & Security; Health Reform; Employment Practices; Multiple Vendors; Social Networking; Information Breach; Bar Coding; Hybrid EMR; IT Infrastructure & Security; Paucity of IT Professionals; Failure to Act in a Timely Manner; Incompatible Programs; Natural Disaster; Failure to Plan; Failure to Act Timely; Inability to Manage a Crisis; No Backup Systems or Appropriate Duplicate Systems
[Figure: Enterprise Risk Management (ASHRM Handbook). Labels: Operational, Financial, Legal/Regulatory, Human Capital, Technology]
[Figure: Enterprise Risk Management Assessment Model. Labels: Operational, Technology, Financial, Legal/Regulatory, Strategic, Human Capital, ORGANIZATION, PATIENT]
Areas To Assess: Operational
• Quality initiatives (indicator data)
• Adverse event management (IKP / patient safety incident data)
• Board governance
• Credentialing and staffing
– Initial appointment
– Reappointment
– Affiliated staff
Areas To Assess: A Board’s Legal Risks
• Duty to supervise/manage
• Select competent physicians
• Conflict of interests
• Provide adequate facilities and equipment
• Provide adequate insurance
• Provide satisfactory patient care
• Select competent administrator
• Require competitive bidding
• Provide safe environment
• Regulatory and JCAHO compliance
Areas To Assess: Operational
General Liability Assessment Topics
– Safety program
– Security program
– Facility management: parking (lighting, location, security)
– Visitor control procedures
– Valuables
Areas To Assess: Operational
● Clinical
– Patient communication
– Patient care records
– Confidentiality
– Informed decision making
– Telephone protocols
– Tracking diagnostic information
– Primary care screening and monitoring
– Supervision
– Patient satisfaction/complaints
– Coverage issues
– Infection control
– Medication safety
– Emergency response
– Patient and staff education
Areas To Assess: Financial
• Risk Financing Treatments
– Insurance
– Self-insurance
• Ability to raise capital
• Reimbursement
• Billing and collection
Areas To Assess: Financial
Contract Administration
– Scope of service and method of payment
– Professional services provided
– Quality expectations
– Contractual terms
– Termination provisions
– Risk-sharing agreements
– Apparent agency liability
– Hold harmless and indemnity agreements
– Remedies for breach
Areas To Assess: Human Capital
Employment Practices / Human Resources Topics
– Workers’ compensation
– Harassment
– Negligent firing
– Discrimination
– Testing
– Background checks
– Grievance procedures
– Confidentiality
Areas To Assess: Human Capital
Employment Practices / Human Resources Topics
– Education: orientation, continuing education, CPR
– Employee health exposures
– Employee assistance programs (EAPs)
– Benefits
– Staff rights and staff competency
Areas To Assess: Human Capital
Environmental issues related to employees
– Safety
– Security
– Occupational hazards
– Environmental hazards
Areas To Assess:
• Strategic plan and mission
– Immediate goals vs. long range goals
• Business ventures
– Mergers
– Acquisitions and divestitures
– Joint ventures
• Competition’s status
• Advertising liability
• Reputational risks
– Patient and community relations
– Media relations
– Marketing and sales
Areas To Assess: Strategic
New Projects and Services Topics
– “Fit” with existing organization structure
– Identification of insurance needs
– Staff requirements
– Contract needs
– Competitive impacts
– Process development: policies/procedures
– Implementation schedules
Areas To Assess: Strategic
Construction/Renovation
– Licenses/permits
– Contracts
– Disruption of services
– Hazards: air quality, interim and design safety
– Communication issues
– Approvals
Areas To Assess: Legal and Regulatory
• Statutes, standards and regulations
– Federal, state and local impacts
• Licensure
• Accreditation
Areas To Assess: Legal and Regulatory
Corporate Compliance Program/Interface
– Identification of related compliance factors
– Compliance assessment results
– Program components: education, reporting, data maintenance, review, monitoring
– Relationships
Areas To Assess: Technology
• Information systems
• Telemedicine
• Equipment
• New technologies
• Inventory control
Areas To Assess
Setting priorities for program development
– Utilize information from external and internal assessment sources
– Goals should be: flexible; short and long term
– Priorities should be: politically correct; financially correct; ethically correct