Selama tahun 2018, Komite Audit telah melakukan berbagai kegiatan terkait pelaksanaannya membantu Dewan Komisaris menjalankan fungsi pengawasan secara internal. Berikut pelaksanaan kinerja Komite Audit selama tahun 2018:

No Kegiatan

.Activity Rekomendasi

.Recommendation 1 Telaah Kebijakan

Manajemen Risiko

Review of Risk Management Policy

a. Perlu dilakukan kajian mendalam dalam melakukan proses analisis risiko, yaitu kajian terhadap root cause analysis dan kajian terhadap consecuence.

b. Perlu dilakukan evaluasi yang lebih detail dalam menentukan tingkat risiko.

c. Perlu ditentukan pihak-pihak yang terlibat proses manajemen risiko baik pihak yang bertanggung jawab, pemberi persetujuan pada setiap proses manajemen risiko.

a. An in-depth study needs to be carried out in conducting the risk analysis process, viz. a study of root cause analysis and a study of consecuence.

b. A more detailed evaluation is needed in determining the level of risk.

c. It is necessary to determine the parties involved in the risk management process, both the responsible party, the approver in each risk management process.

2 Permasalahan atau Keluhan Stakeholder

Stakeholder’s Issues or Complaints

Komponen key performance indicators (KPl) dibahas pada setiap rapat gabungan Direksi dan Dekom terkait materi pemaparan kinerja perusahaan tiap bulannya.

Key performance indicator (KPl) components are discussed at each meeting of Board of Commissioners in relation to monthly Company’s performance description material.

3 Sistem Pengendalian Internal

Internal Control System

a. Perlu ditambahkan pada SOP Satuan Pengawasan Internal terkait ketentuan yang mengatur object audit apa saja yang diperkenankan untuk dilakukan pemeriksaan satuan pengawas internal, sehingga tidak ada data yang bersifat confidential yang sampai bocor oleh pihak satuan pengawas internal pada saat melakukan pemeriksaan. Top manajemen dalam hal ini diwakili dewan direksi perlu menetapkan object audit yang diperbolehkan dan yang tidak diperbolehkan (contohnya: data gaji karyawan).

b. Perlu dibuatkan flow proses pelaksaanan audit dan penyclesaian temuan audit sehingga lebih mudah untuk dijadikan panduan bagi team satuan pengawas internal dalam menjalankan proses audit.

c. Perlu mekanisme tambahan terkait persyaratan kompetensi bagi tim satuan pengawas internal, dimana persyaratan ini meliputi lamanya pengalaman, pendidikan dan pelatihan apa saja yang wajib diikuti oleh team satuan pengawas internal.

d. Kedua SOP Satuan Pengawas Internal baik area 1dan 2 sebaiknya dijadikan satu, sehingga tidak menimbulkan dualisme.

a. It ought to be augmented to the SOP of the Internal Audit Unit regarding the provisions governing which audit object is permitted to be inspected by the internal audit unit; hence, there would be no confidential data leaked by the internal audit unit during the inspection. The top management, in this case represented the Board of Directors, needs to determine which audit objects allowed and not allowed (for example: employee salary data).

b. It ought to be made a flowchart of audit implementation process and settlement of audit findings so as to facilitate the Internal Audit in making references to guide them in conducting the audit process.

c. It ought to be prepared an additional mechanism related to the competency requirements for the internal audit unit, where these provisos include the length of experience, education and training that the internal audit unit should attend.

d. The SOP of Internal Audit Unit, both in area 1 and 2, should be made into one so as not to cause dualism.

No Kegiatan

.Activity Rekomendasi

.Recommendation 4 Telaah Kebijakan Teknologi

Informasi

Information Technology Policy Review

Perlu ditingkatkan sosialisasi kebijakan kemanaan informasi terhadap seluruh lini perusahaan yang dinilai belum memadai, karena berdasarkan hasil internal audit ISO 27001:2013, masih ditemukan beberapa temuan kategori major pada beberapa bagian, diharapan dengan adanya sosialisasi yang intensif terhadap seluruh lini dan bagian terkait, untuk ke depannya tidak lagi ditemukan temuan major baik pada saat internal maupun eksternal audit.

It is necessarily required to enhance the dissemination of information security policy to all lines that are envisaged inadequate, since there are still a few major category findings in a number of sections based on the result of internal audit ISO 27001:2013.

It is expected that, with the intensive dissemination to all lines and related sections, there will be no more major findings at the time of both internal and external audit activities.

5 Telaah Kebijakaan Pengembangan Karir Career Development Policy Review

a. Penempatan karyawan pada jabatan dalam struktur organisasi perusahaan harus sesuai dengan kompetensi requirement, jika tcrjadinya gap kompetensi maka perlu disusun program terkait pemenuhan standar kompetesnsi.

b. Perlu dibuatkan mekanisme persyaratan yang mengatur promosi dan demosi, serta mutase dalam bentuk SK direksi dan SOP dengan memperhatikan peraturan perundang -undangan tenaga kerja serta juga peraturan perusahaan.

a. Placement of employees in positions within the organizational structure of the Company must be in accordance with the required competences. Should there be any competency gap, it is necessary to prepare a program related to the fulfillment of competency standards.

b. It is necessary to prepare a requirement mechanism that regulates promotion and demotion as well as transfers in the form of Decree of Board of Directors and SOPs with due regard to labor laws and regulations as well as Company

regulations.

6 Telaah Kebijakan Suksesi Succession Policy Review

a. Menetapkan kompetensi requirement terhadap seluruh jenjang jabatan pada semua bagian baik operasional maupun non operasional.

b. Melakukan kompetensi assessment antara kompetensi requirement dibandingkan dengan kompetensi yang sudah ada.

c. Melakukan pemetaan kompetensi dan jika terjadi gap kompetensi maka

manajemen harus menetapkan program dan strategi pengembangan kompetensi dalam rangka menutupi gap kompetensi.

a. Establishing the required competencies on all levels of position in all parts, both operational and non-operational.

b. Conducting competency assessment between the required competencies and existing competencies.

c. Conducting competency mapping and, if there is a competency gap, then the management must establish competency development programs and strategies in order to cover the competency gap.

7 Telaah Kebijakan Akuntansi Accounting Policy Review

a. Perlu dilengkapi mekanisme terkait pengelolaan piutiang dan monitoring terhadap umur piutang serta perlakuan terhadap penyisihan piutang tak tertagih.

b. Perlu dilengkapi mekanisme terkait persediaan dan modal saham.

c. SOP yang telah ditetapkan perlu dikaji secara periodic melalui internal audit apakah implementasinya sudah sesuai dengan pedoman standar akuntansi keuangan.

d. Kebijakan akuntansi pada PT EDI Indonesia perlu ditunjang dengan SOP dan instruksi kerja terkait penyusunan laporan keuangan dan laporan keuangan penunjang lainnya sebagai pedoman team akuntansi PT EDI Indonesia yang

No Kegiatan

.Activity Rekomendasi

.Recommendation

a. It is necessary to be equipped with mechanisms related to the management of receivables and monitoring of the age of receivables and the treatment of allowance for uncollectible accounts.

b. It is necessary to be equipped with mechanisms related to inventory and share capital.

c. SOPs that have been set need reviewing, periodically, through an internal audit whether the implementation is in accordance with the guidelines of financial accounting standards.

d. The Accounting Policies at PT EDI Indonesia need supporting by SOPs and work instructions related to the preparation of financial reports and other supporting financial reports as a guideline for PT EDI Indonesia's accounting team that is adjusted to the guidelines for financial accounting standards.

8 Telaah Kebijakan

Pengadaan Barang dan Jasa Goods and Services Procurement Policy Review

a. Perlu dibuat mekanisme tambahan terkait kriteria selcksi calon supplier.

b. Mekanisme terhadap evaluasi kinerja supplier yang dilakukan secara periodik.

c. Assessment risk untuk menentukan penanganan terhadap supplier.

a. It is necessary to prepare an additional mechanism regarding the criteria to select candidates for suppliers.

b. Mechanism of supplier performance evaluation shall be undertaken, periodically.

c. Risk assessment is to determine the handling of suppliers shall be conducted 9 Telaah Kebijakan Mutu

Pelayanan

Service Quality Policy Review

a. Menetapkan standar mutu layanan yang akan diadopsi/dipakai dalam memberikan pelayanan kepada customer, standar ini yang dimaksud misalnya penerapan standar service excellence (The International Standar for Service Excellence /TISSE), atau penerapan ISO 9001:2015 (quality manajement system), dan standar lainnya yang sesuai dengan karakteristik perusahaan.

b. Menetapkan SOP dan working instruction yang detail terkait tata cara dalam memberikan pelayanan yang bermutu.

c. Menetapkan SOP dan working instruction yang detail terkait penanganan complain customer dan cara menyelesaikannya termasuk SOP dan working instruction terkait survey kepuasan pelanggan dan ketentuan dalam melaksanakan tindak lanjut hasil kepuasan pelanggan.

d. Melakukan pemantauan hasil mutu pelayanan dan kendala-kendala dalam menerapkan SOP dan working instruction yang dituangkan ke dalam rapat tinjauan manajemen yang dilakukan secara berkala.

a. Establishing service quality standards that will be adopted/exerted in providing services to customers. The standards include the application of The International Standard for Service Excellence (TISSE), or the implementation of ISO 9001:2015 (quality management system), and other standards in line with the Company’s characteristics.

b. Establishing detailed SOP and working instructions related to the procedures in providing quality services.

c. Establishing detailed SOP and working instruction related to handling of customer complaints and how to solve them, including SOP and working instruction related to customer satisfaction survey and provision in implementing follow-up result of customer satisfaction.

d. Monitoring the results of service quality and constraints in applying SOP and working instruction as outlined in the management review meetings conducted, periodically.

Sampai dengan 31 Desember 2018, PT EDI Indonesia tidak membentuk Komite Nominasi dan Remunerasi. Pelaksanaan fungsi Komite Nominasi dan Remunerasi dilaksanakan oleh Dewan Komisaris dibantu dengan divisi terkait.

As of December 31, 2018, PT EDI Indonesia has not established a Nomination and Remuneration Committee.

The Nomination and Remuneration Committee’s function is executed by the Board of Commissioners with assistance from the related divisions.

The Internal Control Unit (SPI) in cwheeling up its functions helps the President Director in gathering factual and significant information through examinations and assessments and drawing conclusions systematically, objectively and documented as well as suggestions and improvements to company management in accordance with the principles of Good Corporate Governance (GCG) .

The Board of Directors of PT EDI Indonesia appointed Barozi as a Corporate Secretary based on Directors’ Decree number 5460/E01/HK.110/04/2016 dated on April 27, 2016 Barozi began serving as a Secretary of PT EDI Indonesia since 2016.