Evaluation of Risk Management Implementation Using COSO ERM 2017 Framework: A Case Study at PT XYZ

Fitria Febriani, Machmudin Eka Prasetya

Abstract


This study aims to evaluate the implementation of risk management at PT XYZ using the COSO Enterprise Risk Management (ERM) 2017 framework. PT XYZ, a trading and distribution company operating in the industrial equipment sector, faces increasingly complex risks driven by economic uncertainty, supply chain disruptions, and operational vulnerabilities. The study employed a qualitative approach with a case study method, collecting data through documentation reviews and semi-structured interviews with seven senior management representatives directly involved in the company's risk management processes. Data analysis used descriptive qualitative methods based on the five components and twenty principles of COSO ERM 2017. The results show that PT XYZ implemented several key aspects of risk management through its organizational structure, policy guidelines, and processes that support risk management activities. However, several weaknesses remain, such as the absence of an audit or risk committee, the absence of a formal risk appetite document, incomplete implementation of risk responses, and the lack of a portfolio-level risk view. PT XYZ's risk management function has also never been assessed by an independent or external party and does not have a whistleblowing system. This research contributes by providing a comprehensive mapping of the implementation of COSO ERM 2017 at PT XYZ and identifying the gap between theory and practice that still occurs in corporate risk management.

Keywords


COSO ERM 2017; Enterprise Risk Management; Risk Management; Risk Management Implementation

DOI: http://dx.doi.org/10.17977/jabe.v10i2.63470

Copyright (c) 2025 Fitria Febriani

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
