ACKNOWLEDGMENT

I would like to acknowledge and thank those who contributed, assisted, and motivated
me during the internship program so this report can be done, especially the following:

Mr. Benny Rizal Gautama as the owner of PT. Maja Ruang Delapan that has been very
supported with his kindness and has also provided invaluable contact details and data for
the majority of the hotel and restaurant.

Finally I would like to acknowledge and thank all the respondents and staff at the hotel
and restaurant in my research for taking their time and for sharing with me their
knowledge as well as their experiences.

Bandung, 18 July 2014

Andi Dea Kamala Bonita

TABLE OF CONTENTS

ACKNOWLEDGMENT................................................................................................... i
TABLE OF CONTENTS ................................................................................................. ii
LIST OF TABLES .......................................................................................................... iii
LIST OF FIGURES ........................................................................................................ iv
LIST OF APPENDIX .......................................................................................................v
EXECUTIVE SUMMARY ..............................................................................................1
CHAPTER I INTRODUCTION .......................................................................................3
1.1. Company Profile ........................................................................................3
1.1.1. PT. Maja Ruang Delapan ....................................................................3
1.1.2. Vision & Mission ................................................................................4
1.1.3. Portfolio & Products ...........................................................................4
1.1.4. Corporate Organization .......................................................................8
1.2. Scope of Work............................................................................................9
1.2.1. Internship Models at Maja Group .......................................................9
1.2.2. Issues at Sugar & Cream .....................................................................9
1.2.3. Problems Definition ..........................................................................10
1.2.4. Data Access .......................................................................................10
1.3. Objective of the Internship .......................................................................10
CHAPTER II BUSINESS ANALYSIS ..........................................................................11
2.1. Theoretical Framework ............................................................................11
2.1.1. A Brief Historical Overview .............................................................11
2.1.2. Defining Risk Management............................................................12
2.1.3. Conceptualization of Risk .................................................................14
2.1.4. The Risk Management Process .........................................................16
2.1.5. Risk Management Responses............................................................18
2.2. Methodology ............................................................................................23
2.2.1. Observation Method ..........................................................................23
2.2.2. Qualitative Approach ........................................................................23
2.2.3. Limitation ..........................................................................................24
2.3. Findings & Analysis .................................................................................24
CHAPTER III BUSINESS SOLUTION ........................................................................28
3.1. Proposed Solution ....................................................................................28
3.2. Practical Implementation .........................................................................29
3.3. Implementation Plan ................................................................................29
CHAPTER IV LESSON LEARNED .............................................................................32
4.1. Lesson Learned from the Problem Solving Activity ...............................32
4.2. Lesson Learned from the Internship Program ..........................................32
REFERENCES ...............................................................................................................33
APPENDIX .....................................................................................................................35

ii

LIST OF TABLES
Table 1 Main Type of Hazards...18
Table 2 Probability Score...23
Table 3 Impact Score.....24
Table 4 Risk Management Strategies.....25
Table 5 Risk Mapping....27
Table 6 Total Score....28
Table 7 Drivers of Key Risks.....30
Table 8 Risk Measurement.....31
Table 9 Risk Management Strategies in the Hotel.....32
Table 10 Responsibilities...35

iii

LIST OF FIGURES

Figure 1 Maja House Function Hall..................................................................................4

Figure 2 Vanilla Interior ...................................................................................................6
Figure 3 Stevie 6 Interior ..................................................................................................8
Figure 4 Corporate System Chart .....................................................................................9

iv

LIST OF APPENDIX
Appendix 1 Interview Guideline..40
Appendix 2 Risk Assessment Work Sheet...41

EXECUTIVE SUMMARY

Hotel industry often provide a variety of comforts for guests and clients, which in turn
can generate different sources of risks. So there is the need for constant reevaluation of
the risks associated with these services to maximize profit, as well as to provide
protection from injury and property loss. Risk management starts with risk assessment
and understanding the risk of doing business. By implement risk management to the
business we can avoiding loss and profit.

In view of this, this research has made a valuable contribution to the existing body of
knowledge related to the business by:

Highlighting the importance of identifying risks as well as a more formal

approach to risk management in the Maja Goup especially the hotel and
restaurant industry.

Identifying various risks that could have an impact on the Maja Goup
especially the hotel and restaurant industry.

Showing that risks differ from sector to sector within the Maja Goup
especially the hotel and restaurant industry.

Developing a risk management process and model, which has not existed
before, in the Maja Group especially the hotel and restaurant industry.

Providing good hospitable services, which at the same time offering comfort
and satisfaction to its guest in the Maja Goup especially the hotel and
restaurant industry.

A final contribution is that this is the first research of risk management in this
hotel.

The objective of the report is to introduce how risk management can be useful to manage
the hotel and restaurant risk swiftly and effectively to an interruption to normal business
operation, protecting the associates and assets of the hotel, and ensuring the continuity of
critical business function. Based on the study literature sources, the above contribution
is not only of value to the Maja Gruop but also every hotel with the same class.

Enterprise risk management framwork is used to develop the plan for Hotel to deal with
risk and opportunities by enterprise risk management process. Enterprise risk
management process helps to ensure effective reporting and compliance with laws and
regulations, and helps avoid damage to the business reputation and associated
consequences. Enterprise risk management can helps the Hotel to achieve and get to
where it wants to go and avoid pitfalls and surprise along the way.

This report has developed the strategic risk management plan fo Stevie 6 hotel to manage
the hotel business risk and mitigating the risk. The main aim was to devise a strategic
risk management plan for the next 5 year. The plan has developed an Enterprise Risk
Management strategy to respond the hotel risk effectively within a specific risk category.

CHAPTER I
INTRODUCTION

1.1. Company Profile

1.1.1. PT. Maja Ruang Delapan
Maja Group is a company engaged in the service industry, especially hotels, function
rooms and restaurant. It began its operations on 8th May 2010. Under the auspices of PT.
Maja Ruang Delapan which is a legal entity established by the State under the laws of
Indonesia and by deed dated October 16, 2008 number: C-126.03.01.-Th HT. 2005 made
before Sri Nikke Kaniawardani S.H., M.Kn., Notary in Kab. Sumedang. Maja Group
viewed Bandung tourism as the land of the future, with domestic economy and middle
class group continue to grow and develop. Maja Group chose its headquarters at Jl.
Sersan Bajuri No. 72 Bandung, Kabupaten. Bandung Barat 40559. Maja Group has
grown to be one of Indonesia's tourism industry with the company's management leading
and growing presence in all sectors of the industry and future plans for expansion to other
cities.

Maja Group is a private company with Mr. Benny Rizal Gautama as the owner of the
company and it deals directly with the owner. The general manager is working with
corporate auditors and head of each department in all aspects of the business to manage
staff relations, assets of business owner, and corporate relations. Transaction behavior
should be directed to correctly represent and protect interests of the Maja Group
Indonesia at any time.

Figure 1 Maja House

1.1.2. Vision & Mission

Vision: Triangle Success for Guest, Company and Employee

Guests

Employees, Family

Company

Mission: create satisfaction for our guests, employees and companies with lucrative
service satisfy with prioritize professional work attitude, anticipation of solutions to
achieve the target. If you are already working with a group or just join us, you will
discover the culture of our group is relaxed and friendly, yet professional and hard workwe want everyone in the Group Maja to enjoy their time with us thrive and through
dedication, hard work and attitude to serve.
1.1.3. Portfolio & Products
Brand name Maja Group Indonesia synonymous with excellence and quality. Maja
Group Indonesia currently manages the hotel, restaurant, function room, and a concept
store. Their unique outlets are:
1.

Functional / Meeting Rooms

A function room with tropical modern design that provides an atmosphere that will
not be forgotten, with a total capacity of 1250 people indoor and 250 people outdoor,
Maja House function hall will accommodate all sorts of activities, such as a wedding
reception, blessing & engagement reception, intimate cocktail reception, corporate
events, gathering & party, birthday party, seminars, and much more. And to meet the
needs of business, Maja House also offers three meeting rooms / VIP room with
modern interiors and are equipped with LCD projectors, sound system, lighting and
mic.

Figure 2 Maja House Function Hall

4

2.

Sugar & Cream (Rooftop Bar & Restaurant)

Located on the second floor of Maja House Building, Sugar House & Cream serves
Asian and Western food which can be mouth-watering, and a selection of drinks
from cocktail to mocktail that can spoil the tongue. With a total capacity of 450 seats,
Sugar & Cream has a wonderful interior design, industrial-style vintage and modern.
All sorts of casual activities can be done here, with a view of Bandung city lights
and the stars seen from the rooftop bar, accompanied by the strains of music from
the resident DJ who plays in private booths restaurant every weekend.

Figure 3 Sugar & Cream

3.

Maja Suki
Maja Suki Restaurant opened on 9 October 2010. Taste and delicacy of barbeque
and Suki can be enjoyed in the restaurant Maja Suki. Guest will also be pampered
with the natural beauty of the mountains and a view of Bandung city with an area of
1200 square meters and 100 seating capacity. Maja Suki Restaurant also prepares
various purposes for gathering with family or wedding receptions and birthday.

Figure 4 Maja Suki

4.

Vanilla Kitchen & Wine

A restaurant concept that is different from other places, where Vanilla has the
concept of industrial pop themed interiors. Opened on 26 March 2011, operational
capacity for Vanilla is 150 seats and also equipped with VIP Room facilities with a
total of 4 rooms with a capacity of 6 to 12 people, which can be used for Private
Meetings, movie watching, and karaoke. A very varied food Menu will be offered,
including steak, pasta, salad, and rice bowl. And beverages that includes wine, beer,
refreshing mocktails and fresh juice.

Figure 5 Vanilla Interior

5.

Pop Shop Concept Store

Pop Shop is one of groups outlet in the form of concept store, which specialized
in cross-selling without using a separate Department. Began operational on 01 July
2011. Located in the first floor of Vanilla Kitchen & Wine, it offers the convenience
to shop a wide selection of exclusive designs with fashion from talented young
designers, shoes, handbags, home decor, barber pop, and other collections.

Figure 6 Popshop Interior

6.

Stevie 6 Hotel
Stevie 6 is a masterpiece of Maja Group Indonesia, which began operating in
December 23, 2011, as the outlet to the concept by having Stunning Design &
Innovative Spaces it has inspired the establishment of the name of the hotel, Stevie
6 Hotel. The hotel consists of 24 rooms, where each room has a different interior
theme, such as Bohemian, American Classic, Vintage and Modern Tropical. Some
of the rooms has private balconies with the panoramic view of the Valley on the front
side. Stevie 6 is a hotel that will meet the needs of guests comfort accommodation
and aesthetic beauty in it. The Hotel facilities:

Hot & Cold Water

Air Conditioning

Cable TV flat screen

Free broadband internet access

Telephone

Coffee & Tea

Fully-stocked Mini-bar and Refrigerator

Safe Deposit Box

Electronic Door Lock

Extra Bed

Smoking Room

Figure 7Stevie 6 Eksterior

Figure 8 Stevie 6 Interior

1.1.4. Corporate Organization

One of the crucial decisions concerning the effectiveness of human resource management
is to select the appropriate personnel to perform tasks, or sent to branch offices of the
company based on the standard operations of the company. Some strategic positions in
companies operating in developing the company itself, certainly requires an employee
with adequate ability and also has the knowledge and understanding of the business
practices of every branch of the company.

In addition, in those strategic positions, the company also pay attention to the interests of
the employees which will greatly affect the performance of the company. Their presence
alone is considered indispensable because it has different performance with other
employees.

Figure 9 Organization Chart

8

Figure 10 Corporate System Chart

1.2. Scope of Work

1.2.1. Internship Models at Maja Group
Maja Group offers three kind of internship models, which are Daily Administrator
Internship wich pai or unpaid, Job Training, and Observation and Solution Research.
Every model has different objectives and scope of work. In this internship program, I
choose the observation and solution research model.

This company has not yet had risk management in their finance management. So as the
intern in this company, I suggest them to implement risk management so the risk can be
identifying also developing a risk management process and model, which has not existed
before, in the Maja Goup especially the hotel industry. By implement risk management
to the business we can avoiding loss and profit. The general scope of work of this model
is to find solution(s) for the companys issue(s) based on observations, historical data,
questionnaires, interview, and other method that relevant on the issue. Human Resources
department in Maja Group assigned i to work on solutions concerning the issues at Stevie
6 Hotel.

1.2.2. Issues at Stevie 6 Hotel

According to the owner, Maja Group especially Stevie 6 has not had implement risk
management in their financial management. By develop and implement risk management
plans and procedures to managing hotel operation, it can provides good hospitable
services, which at the same time offering comfort and satisfaction to its guest in the hotel.

Hotel industry often provide a variety of comforts for guests and clients, which in turn
can generate different sources of risks. So there is the need for constant reevaluation of
the risks associated with these services to maximize profit, as well as to provide
protection from injury and property loss. Risk management starts with risk assessment
and understanding the risk of doing business.

As a finance majoring MBA ITB student, I was given the challenge to propose a solution
concerning Stevie 6 financial issues. The owner needs a clear and complete solution
regarding how the risks identified, how to develop and implement risk management plans
and procedures, and how to mitigate those risk that had been found in Stevie 6 hotel. The
owner and the manager asked i only to work on internal factors and internal data.

1.2.3. Problems Definition

The problems that needs to be solve that can be derived from the issues are:
1.

What type of risks that can be identified in Stevie 6?

2.

What is the mitigation and the solution of the risks in order to bring Stevie 6 can
provide good hospitable services, which at the same time offering comfort and
satisfaction to its guest?

1.2.4. Data Access

In order to propose a solution for the problems, I needs access on Stevie 6 historical data
and added information from the interviews and meetings with the management team and
/ or the owner.

1.3. Objective of the Internship

Objective of the Internship program is to implement risk management plan in Stevie 6
in order to providing good hospitable services, which in the same time offering comfort
and satisfaction to its guest so it can increasing their net profit. From the practical
analysis and critical thinking training is also considered as another objective to get
experience from the real business unit. Also from this internship program I would feel
the interactions between coworkers, office politics, and work ethic and culture which are
also valuable experience. The expectation is to get a full experience of a practical
financial analyst. With the hope of adding new knowledge, skills, and relatives.

10

CHAPTER II
BUSINESS ANALYSIS

2.1. Theoretical Framework

2.1.1. A Brief Historical Overview
Historically the term was used in an objective sense; risk designated the possibility of
an objective danger, an act of God, a force majeure, a tempest, which often related to
perils that could compromise a voyage on the sea (Ibid.). Despite the historicity of its
meaning being associated with travel, changes of its meaning are explained with
modernity. The impact of the industrial development and globalization over the past
century has been immense and it has affected the way people perceive risks (Nohrstedt,
2010; Lupton, 1999). The word risk has changed its meaning. Today it is used in a
multitude of denotations and is applied to a plethora of situations. Yet once attributed to
an objective nuance, risks today are considered being subjective to a large extent.
Fundamental perception of risk amongst people has changed in the way we approach
safety and danger (Mythen, 2004).

People are now encouraged to seek for relevant information and to take steps to avoid it
as much as possible. From a managerial perspective it is no longer possible to entirely
ignore or disregard risks. Risks are now considered as the probability and magnitude of
potential negative events that people actually can influence. At the same time, we should
have the realization that some risks are simply beyond our control, or too minute to
demand priority attention (Abkowitz, 2008). We should become more tolerant of risks in
such circumstances (Ibid.).

As established in the introductory discussion, the focus and awareness on safety and
security has served to underscore the concern and value amongst travelers. The issue has
even turned into a commodity that people are willing to pay for, and that hospitality
establishments must be able to provide (Barrows & Powers, 2009). As a result of this
trend, there has been a proliferation of private security forces combined with a diversity
of numerous measures in order to cope with demand from guests and requirements from
governments (Ibid.). Seeing that we continue to witness trade barriers being lifted, and
international legislation pave way for increasing mobility of people between countries
and regions, it is apparent that globalization has affected the travel and tourism industry.
11

The hotel industry needs to adapt its routines, procedures and standards to fit into the rest
of the picture with all of the dynamism that is implied (Ibid.). Accordingly, the field of
risk management has grown to grasp the attention of politicians, scholars, and managers.
The rapid expansion of knowledge has thus enabled.
2.1.2. Defining Risk Management
Risk management refers to the practice of identifying potential risks in advance,
analyzing them and taking precautionary steps to reduce/curb the risk.

The definition in the world of finance is risk management refers to the practice of
identifying potential risks in advance, analyzing them and taking precautionary steps to
reduce/curb the risk.

When an entity makes an investment decision, it exposes itself to a number of financial

risks. The quantum of such risks depends on the type of financial instrument. These
financial risks might be in the form of high inflation, volatility in capital markets,
recession, bankruptcy, etc.

So, in order to minimize and control the exposure of investment to such risks, fund
managers and investors practice risk management. Not giving due importance to risk
management while making investment decisions might wreak havoc on investment in
times of financial turmoil in an economy. Different levels of risk come attached with
different categories of asset classes.

For example, a fixed deposit is considered a less risky investment. On the other hand,
investment in equity is considered a risky venture. While practicing risk management,
equity investors and fund managers tend to diversify their portfolio so as to minimize the
exposure to risk.

Enterprise risk management (ERM) refers to an integrated or holistic approach to

managing risk across an organization, using clearly articulated frameworks and processes
led from board level. Risk management should be embedded in the general management
of an organization and fully integrated with other business functions such as finance,
strategy, internal control, procurement, continuity planning, HR and compliance. The
12

degree of integration will differ between organizations depending on their culture,

implementation process, and ways of operating and external environment.
The definition of risk management itself was up for analysis. There are four levels of risk
management:

Financial risk for the hospitality industry concerns money, including capital
availability, cash-flow management, investment evaluation and credit default.
The following types of financial risk: global economy crisis risk.

Operational risk that we face day to day in the operation of hotels. The following
types of operational risk: technology risk, increasing cost risk, associates
(employees) risk and hazard risk.

Table 1 Main Type of Hazards

Natural Hazards

Technical Hazards

Flooding

Power failure / fluctuation

Fire

HVAC failure

Earthquakes

Computer hardware failure

Tornadoes

Computer software failure

Hurricanes

Gas leaks

Winter storms

Transportation accidents
(chemicals/bio-hazard spills)

Compliance risk such as traditional contract and regulatory compliance; also on

accurate and timely financial reporting, adherence to company policies and
workplace health and safety.

Strategic risk that has to do with decisions about risk the company faces when it
pursues its strategic objectives. The following types of strategic risk: competition
risk and reputational risk.

It is important for risk manager to manage the hotels risks productively. In doing so, it
can make difference in hotels bottom line, while the same time protecting the reputation
of Maja Group brand.

13

2.1.3. Conceptualization of Risk

Risk can be seen as the potential of loss or harm to an entity, (where) such an entity can
be a person, a group, an organization a system or a resource (Raval & Fichadia, 2007:29).
Risk can be divided into two groups, internal (domestic) and external (international).
Changes in risk can influence the cost of capital and thus in the feasibility analysis of
different projects.

Project managers must identify and prioritize risks to the project at hand that are internal
to the organization. When looking internally, risks to the project may involve the
financial solvency of the company, the ability for the company to have required
equipment and other resources on hand in time to support the project. Personnel issues
such as the sickness or unanticipated termination of a key team member also can be
considered as internal risks to the project.
By creating an environment conducive to brainstorming, team members will be
comfortable with the free expression of their thoughts, leading to a thorough examination
of both the internal and external risks to the project.

When considering internal vs. external risks in project management it's important to
recognize that internal risks are usually easier to identify and manage than external risks,
but an accurate assessment of both will go a long way toward the successful completion
of the project.
Risk management in hotel and hospitality should not be an isolated event, but rather
implemented on an on-going basis. It is imperative for hoteliers to realize that hospitality
is not only related to offering qualitative services, but also that ensuring guests of their
safety/security and comfort are major part of the overall service. In addition, providing
hospitable services that are good at the same time necessitates that risk management is
implemented consistently by regularly aiming to raise current standard.

Fortunately, the global economy is improving, which means consumers and businesses
are growing more confident about their financial situations. For those in the hospitality
sector, this is a good sign, as it may translate into more money spent on vacations or
business trips. That said, increased activity may lead to an increased chance of risks. The
hospitality sector faces a variety of potentially damaging threats that hotels need to

14

contend with, particularly as they deal with an influx of new leisure and business
travelers.

Top Four Risks in Hospitality Business:

1. Data privacy: Cyber security has been a big concern for a number of sectors,
ranging from power and utility companies to government organizations. While
those specific industries are more concerned about cyber terrorism, the hospitality
business is more focused on preventing data and identify theft. Hotels collect a
lot of information about their guests to insure themselves against damages and to
fuel their own rewards programs. This makes them popular targets among cyber
criminals and hackers, as a single breach could result in hundreds or even
thousands of pieces of guests' personal information (names, addresses, social
security numbers, etc.) and payment details being compromised. Because of this,
they need to make sure this data is protected against fraudsters.
2. Guest behavior: Guests represent the fuel for any hospitality company. Without
guests and travelers, these businesses wouldn't make any money. However, guests
can also potentially be the biggest threats both directly and indirectly to
profitability. Lawsuits from people who are injured or damage to guestrooms can
represent a big risk to the bottom line. Hotels should have internal controls in
place to handle guest destruction and ensure travelers' safety during their stay.
Small things, such as closer management of property and resources, can prevent
incidents like this from happening in the first place.
3. Staff: Staff is another critical risk. During the recession, many employees were
rooted by their jobs because it was so difficult to find work elsewhere. As the
economy improves, staff will have more options both in and outside the industry.
This means hotels are at greater risk of having their key personnel poached by
their competitors. Hiring and retraining are options, but they come with additional
expenses. Travel and hospitality companies need to address any demographic,
wage level and worker satisfaction issues to ensure their staff remains motivated
and content. Creative companies are coming up with new retention plans and
innovative strategies to help keep employees engaged. At the same time, hoteliers
also need to ensure their employees aren't actively working against them.
Property theft is a big issue at many hospitality companies, given the number of
amenities they deal with on a daily basis. While a stolen towel might not seem
15

like much, theft adds up over the course of the year especially if hotels are part
of a larger chain.
4. Branding: Hospitality companies rely on their brands to drive customers. Popular
brands such as Hilton or Marriott are familiar with customers and have become
trusted names in the market. They also tend to be very protective of their brands
and aren't afraid to throw their weight around when another company tries to
infringe on their trademarks. For example, the Hilton Prestige Portfolio led to a
copyright infringement lawsuit from Prestige Resorts & Destinations, which
alleged that Hilton infringed on its trademark and claimed unfair competition.

Risk can rise from a single factor or a series of small factors, which can combine to cause
loss or injury. Some risk is inherent in the operations of most businesses. The object of
risk assessment and analysis is to determine how often the risk is likely to happen, what
will be the financial effect on the organization and how can the effect be minimized.

2.1.4. The Risk Management Process

Risk Management is not planned to eliminate risk of an activity at all, but more intended
to build awareness of risks faced, positive or negative ones, and to help the stakeholders
calculate risk and manage it efficiently. Chapman and Ward (1997) revealed the uses of
risk management as follows:

Risk is defined earlier even before activities begin.

To support objective decision making process.

To improve business plan with more imaginative scenario (What if).

Definition and business structure are monitored objectively.

Alternative plan is made with response of risk consideration.

To imaginatively develop response alternative.

To build risk profile for next project improvement.

To manage risk more rationally, systematically and measurably, and to give use for
decision making process, risk shall be managed through processes as follows:

16

Knowing and understanding faced risks.

Measuring risk level.

Deciding on responses or the follow up action.

Ensuring that decision about taken steps is still relevant to the development of faced
situation.

A risk is a potential event that negatively affects the achievement of the vision, mission,
goals and targets of the Company or organizational unit. Risk Management is an attempt
to minimize the negative effects from the various sources of risks facing the Companys
business activities so that objectives can be achieved optimally. The Risk Management
Division is responsible for ensuring that analysis and management of risk have been
conducted for all units of the organization and to ensure that the analysis and management
of risk have been implemented in an effective, efficient and consistent manner at each
operational unit.

Figure 11 Risk Management Process

17

2.1.5. Risk Management Responses

2.1.5.1. Risk Identification
Risk identification is the first step of risk management. This should include all of the
elements that identified previously: Strategic, Financial, Operational and Hazard. Every
risk identification process should be initiated with four basic questions:

What could go wrong?

How could it happen?

What would be the effect on the business and any individual?

What should be done to remove, minimize and manage the risk?

2.1.5.2. Risk Measurement

After identification of the risk is done, the next step is measure the risk. When we talk
about the measurement, then we talk about the number. In order to understand the risk,
first we need to know how the risks impact the company, than we able to make
meaningful decisions about risk issues.

Each risk that may happen in the company should be measured objectively. Risk
measurement has two components. The first component is to measure risk impact. The
second component is to measure risk probability. The measurement of risk should be
done by the risk owner and decide what to do next after mapping it since the risk owner
is the expert and know the most about the company.

Table 2 Probability Score

18

Point

Criteria

Parameter

Low

Certainly will never happen

Unlikely

Less likely will happen

Moderate

50% happen 50% not happen

Likely

The most probale will happen

High

Certainly will happen

Table 3 Impact Score

Point

Criteria

Parameter

Insignificant

Work still can be done

Minor

Lower specification

Moderate

Reducing area of work

Significant

Staging procurement

Catastrophic

Work must stop

After we done measured the risk, the next step that we need to do is make the available
risk and make the plotting out of it. Risk metric would show the analyst the risk position,
whether it low, medium, high or critical.

2.1.5.3. Risk Management Strategies

A risk management strategy provides a structured and coherent approach to identifying,
assessing and managing risk. It builds in a process for regularly updating and reviewing
the assessment based on new developments or actions taken. A risk management strategy
can be developed and implemented by even the smallest of groups or projects or built
into a complex strategy for a multi-site international organization.

The process of identifying and reviewing the risks that you face is known as risk
assessment. By assessing risks you are able to be actively aware of where uncertainty
surrounding events or outcomes exists and identifying steps that can be taken to protect
the organization, people and assets concerned. How this is achieved and the level of detail
which is considered can vary between organizations. In many circumstances, where staff
or volunteers have a more hands-on role in the organization, the Management Committee
may not carry out the risk assessment themselves.

19

Table 4 Risk Management Strategies

Common

Nieman, Hough &

HM

Gray & Larson

PMBOK

Classification

Nieuwenhuizen

Treasury

(2006:215-217)

(2000:142

(2003:139)

(2004:27)

Accepting risk

Retention

Tolerate

Retain

Accept

Mitigating risk

Reduction

Treat

Mitigate

Mitigate

Avoiding risk

Avoidance

Terminate

Avoid

Avoid

Transfer

Transfer

Transfer

Transferring risk Transfer

Sharing risk

-143)

Share

1. Accepting the Risk

A risk management method used in the business or investment field. Accepting
risk occurs when the cost of managing a certain type of risk is accepted, because
the risk involved is not adequate enough to warrant the added cost it will take to
avoid that risk.
2. Avoiding the Risk
Avoidance may seem the answer to all risks, but avoiding risks also means losing
out on the potential gain that accepting (retaining) the risk may have allowed. Not
entering a business to avoid the risk of loss also avoids the possibility of earning
profits.

Avoidance by substitution

Avoidance by termination

Avoidance by process change

3. Transferring the Risk

The purpose of this action is to take a specific risk, which is detailed in the
insurance contract, and pass it from one party who does not wish to have this risk
(the insured) to a party who is willing to take on the risk for a fee, or premium
(the insurer)

20

Transfer by contract

Transfer by subcontract

Transfer by insurance

Transfer by hedging / derivatives

4. Sharing the Risk

Briefly defined as "sharing with another party the burden of loss or the benefit of
gain, from a risk, and the measures to reduce a risk. The term of 'risk transfer' is
often used in place of risk sharing in the mistaken belief that you can transfer a
risk to a third party through insurance or outsourcing. In practice if the insurance
company or contractor go bankrupt or end up in court, the original risk is likely
to still revert to the first party. As such in the terminology of practitioners and
scholars alike, the purchase of an insurance contract is often described as a
"transfer of risk."

However, technically speaking, the buyer of the contract generally retains legal
responsibility for the losses "transferred", meaning that insurance may be
described more accurately as a post-event compensatory mechanism. For
example, a personal injuries insurance policy does not transfer the risk of a car
accident to the insurance company. The risk still lies with the policy holder
namely the person who has been in the accident. The insurance policy simply
provides that if an accident (the event) occurs involving the policy holder then
some compensation may be payable to the policy holder that is commensurate to
the suffering/damage.

Some ways of managing risk fall into multiple categories. Risk retention pools
are technically retaining the risk for the group, but spreading it over the whole
group involves transfer among individual members of the group. This is different
from traditional insurance, in that no premium is exchanged between members of
the group up front, but instead losses are assessed to all members of the group.
5. Retention the Risk
Involves accepting the loss, or benefit of gain, from a risk when it occurs. True
self-insurance falls in this category. Risk retention is a viable strategy for small
risks where the cost of insuring against the risk would be greater over time than
the total losses sustained. All risks that are not avoided or transferred are retained
by default. This includes risks that are so large or catastrophic that they either
cannot be insured against or the premiums would be infeasible. War is an example
since most property and risks are not insured against war, so the loss attributed
by war is retained by the insured. Also any amounts of potential loss (risk) over
21

the amount insured is retained risk. This may also be acceptable if the chance of
a very large loss is small or if the cost to insure for greater coverage amounts is
so great it would hinder the goals of the organization too much.

2.1.5.4. Mitigation or Treating the Risk

The last step of risk management process is the risk mitigation. This step objective is the
way for manager to manage the risks that have been mapped before. The company
usually retains the risk with low probability of occurrence and low impact. The company
can transfer the risk with high impact but low probability of occurrence, while the risk
with high probability of occurrence with low impact can be controlled. The last kind of
risk is the risk with high probability of occurrence and high impact. The company should
avoid this kind of risk. There are four ways to manage risk that could be implemented:
Table 5 Risk Mapping

Catastrophic
Major
Moderate
Minor
Insignificant
Low

Unlikely

Moderate

Likely

High

Very Low
No action required
Low Manage
Manage through continued good practice
Tolerable
Managed by keeping under review and through good practice
High
Detailed action plan required that will reduce the level of risk to tolerable or
less
Very high
Urgent action to be taken that will reduce the level of risk to tolerable or less

22

Table 6 Total Score

Score 1-5

Very Low

Score 5-10

Low

Score 10-15

Medium

Score 15-20

High

Score 20-25

Very High

2.2. Methodology
2.2.1. Observation Method
I used observation to collect data in this research. Observation methods are useful to
researchers in a variety of ways. They provide researchers with ways to check for
nonverbal expression of feelings, determine who interacts with whom, grasp how
participants communicate with each other, and check for how much time is spent on
various activities (SCHMUCK, 1997). Participant observation allows researchers to
check definitions of terms that participants use in interviews, observe events that
informants may be unable or unwilling to share when doing so would be impolitic,
impolite, or insensitive, and observe situations informants have described in interviews,
thereby making them aware of distortions or inaccuracies in description provided by
those informants (MARSHALL & ROSSMAN, 1995).

2.2.2. Qualitative Approach

I chose to use a qualitative approach that had conducting interviews or focus groups or
observing behavior. This research project leveraging subjective methods such as
interviews and observations to collect substantive and relevant data. These interviews
shall be conducted with hotel personnel. Three interviews were conducted with the
owner, general manager, and two person staff. In addition, the interviews were taperecorded and notes were taken during the observation sessions.

The question was about implementation risk management in this hotel. The observation
sessions were mostly based on observing the site, the personnel opinions about how to
providing good hospitable services, which at the same time offering comfort and
satisfaction to its guest and also how important implementing risk management in the
hotel business. The interviews were recorded, then transcribed and coded to focus the
study on the issue of risk management in the hotel business.
23

Such a qualitative approach is valuable here due to the varying experiences of the hotel
personnel. Upon collecting the qualitative data derived from said interviews, careful
analysis shall be done to prepare to prepare a SWOT (strengths, weaknesses,
opportunities, and threats) to analyze how to best mitigations for risk management in
this hotel.

Inductive Research
Inductive research is theory-generating, and is often linked to qualitative
interviews.

Empirical Study
An empirical study could involve close analysis of statistics or some form of
qualitative research.

2.2.3. Limitation
Since the time of the study was limited, it was not possible to conduct more than three
interviews or observations. Therefore, the data collection for this study was limited in
both time and scope. The availability of the hotel staff was another limitation. Since the
employees gave most of their time to their work, they were only available for interviews
in their free time. Further, the study was limited in its scope because it didn't look at other
important issues such as the experience of each individual and the lack of knowledge
about risk management theory when ran the business.

2.3. Findings & Analysis

This company has not yet had risk management in their finance management. Because
the hotel industry can surely improve implementation of risk management, but it is up to
everyone to take an active role and especially for the largest hotels to take the lead,
according to the manager. The main difficulty is that hotels do not want to cooperate with
each other. There is no incentive in helping other hotels. Hotels do not want to share their
secrets with competitors. Only a few hotels try to improve providing good hospitable
services, which at the same time offering comfort and satisfaction to its guest by
implement risk management in the business. On the other hand it could also be profitable
if successfully be turned to a business idea where guests are somehow guaranteed a highlevel product, but that is more likely to be attractive for hotel guests that have enough
money to actually be able to pay for it.

24

2.3.1.1. Risk Identification in Stevie 6

Risk that can be identified:

Financial Risk

Strategic Risk

Operational Risk

Compliance Risk

Table 7 Drivers of Key Risks

Risk

Internally Driven

Financial Risk

Strategic Risk

Externally Driven

Liquidity and Cash

Interest Rates

Flow

Foreign

Accounting Controls

Exchange

Credit

Research and

Competition

Development

Customer
Changes

Industry Changes

Customer
Demand

Operational

Information Systems /

Regulation

Supply Chain

Culture

Products and Services

Natural Events

Environment

Suppliers

Risk

Hazard Risk

The profitability of the hotel that may be adversely affected by a number of factors that
includes:

Pricing strategies of competitors

The availability of and demand for the hotel rooms

International, national and regional economic and geopolitical conditions.

The impact of war, actual or threatened terrorist activity and heightened travel
security measures instituted in response to war, terrorist activity or threats.
25

The desirability of particular location and changes in travel patterns.

The occurrence of natural disasters, such as earthquakes, tsunamis, and

hurricanes.

Taxes and government regulations that influences or determine wages, prices,

interest rates, construction procedures and costs.

The availability and cost of capital to allow hotel and potential hotel owner joint
venture partners to fund investment.

Regional and national development of competing properties.

Increases in wages and other labor cost, energy, healthcare, insurance,

transportation, and fuel and other expenses.

2.3.1.2. Measuring the Risk in Stevie 6

Table 8 Risk Measurement

Type of Risk

Probabilit

Impact/Likelihoo

Score

1. Financial Risk

25 - Very High

2. Strategic Risk

20 - High

3. Operational

20 - Very High

12 - High

risk

4. Compliance
Risk

26

2.3.1.3. Risk Management Strategies in Stevie 6

Table 9 Risk Management Strategies in the Hotel

Type of Risk
1. Financial Risk

Strategies
Extensive management essential

Global Economic Crisis

Risk

2. Strategic Risk

Competition Risk

Reputational Risk

3. Operational risk

Technology Risk

Increasing Risk

Associate (Employee) Risk

Hazards risk

4. Compliance Risk

Management effort worthwhile

Must manage and monitor risks

Risk may be worth accepting with

monitoring

27

CHAPTER III
BUSINESS SOLUTION

3.1. Proposed Solution

The most significant issues to be propose are:

The development of a risk culture

The integration of risk as a factor in decision making

The importance of the risk management system to the future viability of the hotel

The key recommendation: The Maja Group especially the hotel, Stevie 6 Hotel approved
the strategy plan.
ERM Strategy is chosen for the Maja Groups Hotel, Stevie 6 to deal with risk and
opportunities and to manage risk by enterprise risk management process. With the
enterprise risk management framework, it will enable the hotel to mitigate risk for the
smooth flow business.

Figure 12 ERM Strategy

Risk management is important to the operation of the hotel. The identification,

assessment and control of all risk are important to the successful achievement of the
hotels vision and mission. Stevie 6 hotel is subject to various risk that could have
28

negative effect on the company and its financial condition. The aim of the plan is to plot
the risk for the hotel for next 5 years that might impact on adverse incident and may
interrupt normal business operation. This plan will show the implementation of strategies
in hotel operation for efficient flow during the 5 years period.

3.2. Practical Implementation

This is the first research of risk management in this hotel and when the Strategic Risk
Management implement in the Hotel it will make some of impacts to the hotel personnel,
customer, and the stakeholder and also for the business. For the business itself the hotel
risk will be evaluated annually. New risk will be considered and risks that no longer
relevant will be removed. The risk will be refreshed by rating the likelihood and impact
for each risk. The information is used to prioritize the risks and this in turn flows into the
Hotels business planning cycle.

Hotel personnel will be understand the risk at the hotel. It helps them to make plan or an
action to mitigate the risks. For the company by continuing assessment of all the modes
will make the strategic risk management plan successful and protect the Maja Group
especially the hotel brand in the fast growing hospitality industry. The customer will feel
satisfied with the good hospitable services, which at the same time feeling comfort and
satisfaction with the hotel.

As established, the risk management process entails analyzing and considering possible
outcomes, ensuring that an action plan is in place, and moving rapidly and effectively to
mitigate conditions as new and unexpected developments arise. Analyzing and
considering possible outcomes is intertwined with the process of identifying risks.
Despite the interviewees mentioning randomized and sometimes systematic check-ups
on a daily, weekly, monthly or annual basis for the purpose of identifying risks,

3.3. Implementation Plan

Every step of the risk management plan has to be taken to ensure that there was continuity
throughout the whole plan and each risk management elements are explained in detail.
This will enable to understand each and every step of the risk management plan clearly.
Everyone in an entity has some responsibility for enterprise risk management.

29

Table 10 Responsibilities

Financial Risk
Global Economic Crisis Risk

Who

General Manager / Executive

Directors

Director of Sales

Sales executive / Sales Team

Managers / Team Leaders

Strategic Risk
Competition Risk

Who

General Manager / Executive

Directors

Reputational Risk

Director of Sales

Sales executive / Sales Team

Managers / Team Leaders

General Manager / Executive

Directors

Director of Hotel Associates

Operational risk

Who

Technology Risk

Information Resources Manager

Increasing Risk

General Manager / Director of

Finance

Associate (Employee) Risk

General Manager / Executive

Directors

Hazards risk

Compliance Risk

Loss and Prevention Director

Who

Loss and Prevention Director

3.3.1. Status of Strategy Plan

Strategy effective from this date

January 2015

Strategy Cover this period

January 2015 to January 2020

Strategy approved by

Owner / General Manager

Strategy to be adopted by the Hotel

January 2015

30

Person Accountable for this strategy

Human Resources Manager

First Person to contact about this strategy

Human Resources Manager

Stakeholder to consult with (minimum)

General

Manager,

Executives

directors, Managers, Staff

Performance will be reported through

Management Plan

This strategy must be reviewed at least

Annually

This plan is an integral support document for the organization and guide for the Hotel
and policy making in the area of risk management.

Strategy approved by

Strategy to be adopted

Owner /General Manager

by the Hotel

Do the Risk Management

Process

Performance will be reported

Report

and reviewed annually

Figure 13 Flow Chart Strategy Plan

31

CHAPTER IV
LESSON LEARNED

4.1. Lesson Learned from the Problem Solving Activity

The data collection for this study was limited in both time and scope. The availability of
the hotel staff was another limitation. The lack of knowledge of the hotel personnel about
risk management became one of the most constraint to make this report. Since the hotels
lack a specific process of identifying risks, the effect is that any developed action plan
being implemented lacks a foundation.

Actually risk management is simply a practice of systematically selecting cost-effective

approaches for minimizing the effect of threat realization to the organization. All risks
can never be fully avoided or mitigated simply because of financial and practical
limitations. Therefore, all organizations have to accept some level of residual risks. This
theory about risk management basically can be implement in this Hotel because from the
interviewed this hotel already develop the major point of risk management theory but
less deep and not controlled properly so there are much expenditure that should not be
there

The decision-making process in the company is actually owned by the owner of the
company. But I think there are some things that are less efficient because the owner does
not always lie in the hotel so much that sometimes had to be postponed.

4.2. Lesson Learned from the Internship Program

One of the most evident things I have learned so far is the importance of time
management. I used to balancing a heavy workload between school projects, student
organizations, work and a social life. My coworkers have a lot of experience and they
have obviously made it in that particular field. I have learned a lot and get some great
ideas from them by sharing each other stories at the office.

I am gaining relevant knowledge, skills, and experience while establishing important

connections in the field. I learned about the work environment, the manner in which
things were handled, and how one should behave and carry themselves in the workplace.
By making this report I also learned how to make thesis.
32

REFERENCES

Books
David Hillson. 2007. The Risk Management Universe: A Guide Tour
Fraser, J., & Betty, S.J. (Eds.) (2010) Enterprise Risk Management Todays Leading
Research and Best Practices for Tomorrow. John Wiley & Sons, Inc.; New Jersey.
Richard M. Steinberg. 2004. Enterprise Risk Management Integrated Framework
Abkowitz, M.D. (2008) Operational Risk Management A Case Study Approach to
Effective Planning and Response. John Wiley & Sons, Inc; New Jersey.
Bryman, A. & Burgess, R.G. (Eds.) (1994) Analyzing Qualitative Data. Routledge, New
York.

Internet
Risk Management Description
http://economictimes.indiatimes.com/definition/risk-management
Strategic Risk Management
http://www.slideshare.net/rejoysirvel/strategic-risk-management-10280925
Hotel and Restaurant Management (Ministry title - Hospitality Management) | Humber
College Programs Page
http://www.humber.ca/program/hotel-and-restaurant-management
Definition of Risks
http://www.businessdictionary.com/definition
Maja Group Company Profile
www.majagroup.co.id
Risk management: A hoteliers guide
http://www.hotelnewsnow.com/Article/6925/Risk-management-A-hoteliersguide
Top Risks Facing the Hospitality Industry
33

http://www.resolvergrc.com/blog/top-risks-facing-the-hospitality-industry/
A template for structured observation
http://www.sociology.org.uk/methsi.pdf
A site devoted to survey design
http://www.whatisasurvey.info/
A chapter on structured interviewing
http://informationr.net/tdw/publ/INISS/Chap1.html

34

APPENDIX

Interview Guideline

Many thanks for taking time for an interview regarding the subject of risk management
in this hotel, Stevie 6. To give you an understanding of what I want to discuss with you
in detail, I hereby submit the interview questions.

This report is about research and observation for risk management strategy in the Stevie
6 Hotel during the internship program for MBA ITB. Please note that the study will not
disclose the name of the hotel or any information that refers to specific hotels or persons.

Please describe briefly your business.

What is your role/title?

Have you noticed any demand for increased/improved good services for guests?
If yes, in which way?

Who is/are responsible for the overall good services at the hotel? If several people
are responsible, how does the role distribution look like?

How formal is the risk management process at the hotel? (Policy, certification,
strategy, operational work)

Is there any relation between the hotels daily operation and any potential risk
management strategy? In which way?

Does the risk management process involve all personnel? In which way?

Who is/are responsible to identify and evaluate risks?

Which methods/approaches do you have for identifying and evaluating risks?

Do you work actively with implementing risk management? In which way?

How do you evaluate the overall risk management process at the hotel?

In which way do you think that the Stevie 6 can improve its risk management?

35

Example for Risk Assessment Work Sheet

36

37