Indonesia Conference Directory

The purpose of this study is to analyze the strategy risk management approach in PT. Y an IT company providing HR and ERP software, the analysis trying to answers several questions among others are how the company implement the companys business strategy and whether its strategy has adopted a strategy-based risk management approach (Strategy risk management) that embedded risk into the strategic planning. Through the analysis process, this study also observe at how the companys business strategy connected and aligned with its vision, mission and the core values have been set and how it implements corporate culture within the company and its relation to the companys business strategy in its efforts to provide added value to customers. In order to obtain comprehensive and complete information and data, the research method used in this study is a case study. Both primary data and secondary data is used in this study, primary data obtained directly from PT. Y included interviews with company management and questionnaires for all department heads that are assigned as risk officers and other primary data such as financial performance, list of AR bad debt, customer satisfaction data, and also observation of ISO 27001: 2013, especially on IT risk management document. This study finds that the companys business strategy is in line with the companys vision, mission and core value, however the application of risk management in the company categorized as traditional risk management that has not been integrated with the companys business strategy, and has not been embedded yet into its strategic planning. Furthermore this study also found that almost all of the department head assigned as risk officer is not aware of their duties and responsibilities as a risk officer and does not understand the work procedures of a risk officer, consequently companys business risk is not managed as it should be.