Governance, risk, and compliance maturity level: Optimizing XX LLC performance achievement

https://doi.org/10.35912/ijfam.v7i1.2184
Published: Jun 18, 2025

Abstract:

Purpose: This research aims to evaluate the GRC maturity level at XX LLC as an SOE subsidiary engaged in plantation products and provides recommendations to improve GRC implementation.

Method: The research was qualitative with a case study approach. Data collection was carried out using secondary document collection to check the availability of documents to confirm the existence of GRC indicator elements. Supporting evidence that cannot be found on the website will be collected through interviews. The indicator used was from the GRC Forum Indonesia guidelines, which have three aspects.

Results: The results obtained from the average calculation of the three aspects of the GRC excellence model in XX LLC were 94.5% or had a proactive maturity level. However, several aspects still need to be improved to maximize GRC implementation at XX LLC and optimize company performance.

Conclusions: This study shows that a state-owned plantation subsidiary has reached a proactive GRC maturity level (94.5%), but still needs improvements in strategy dissemination, stress testing, innovation, and HR planning to enhance performance.

Limitations: This study is limited to state-owned plantation companies. The number of respondents, sources of theory, and previous research are limited, and access to information is restricted owing to the company policy on confidentiality.

Contribution: Because of the research limitations regarding the GRC maturity level, this study contributes to the literature and serves as an additional reference for further study. For XX LLC, this research can contribute to optimizing the company’s performance.

Novelty: This research uses secondary data collection, interviews, and document observation (available or not) as supporting evidence for respondents’ answers through interviews, while other research on GRC maturity levels only uses questionnaires.

Keywords:
1. Compliance
2. Maturity Level
3. Governance
4. GRC
5. Risk
Authors:
1 . Lovia Wita Ayurini
Universitas Indonesia, Indonesia
2 . Nureni Wijayati
Universitas Indonesia, Indonesia
View PDF
How to Cite
Ayurini, L. W., & Wijayati, N. (2025). Governance, risk, and compliance maturity level: Optimizing XX LLC performance achievement. International Journal of Financial, Accounting, and Management, 7(1), 15–26. https://doi.org/10.35912/ijfam.v7i1.2184
Download Citation
  1. Endnote/Zotero/Mendeley (RIS)
  2. BibTeX

Downloads

Download data is not yet available.
Issue & Section
Vol. 7 No. 1 (2025): June
Articles
Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

References

    Ahmeti, R., & Vladi, B. (2017). Risk management in public sector: A literature review. European journal of multidisciplinary studies, 2(5), 190-196. 10.26417/ejms.v5i1.p323-329

    Al Habsyi, S., Suharman, H., & Handoyo, S. (2021). Effect of GRC and Intellectual Capital on Company Performance. JRAK, 13(2), 106-112. https://doi.org/10.23969/jrak.v13i2.4130

    Azhar, M. (2021). Evaluasi Kesiapan PT. X Untuk Penerapan Governance, Risk, Dan, Compliance (GRC).

    Batenburg, R., Neppelenbroek, M., & Shahim, A. (2014). A maturity model for governance, risk management and compliance in hospitals. Journal of Hospital Administration, 3(4), 43-52. http://dx.doi.org/10.5430/jha.v3n4p43

    Borg Caruana, S. (2018). Determining the governance, risk management & compliance maturity of credit institutions by applying the Basel & OCEG recommendations as a theoretical index. University of Malta.

    CRMS. (2018). Saatnya Merealisasikan Pelaksanaan GRC dengan Pendekatan Terintegrasi. Retrieved from https://crmsindonesia.org/publications/saatnya-merealisasikan-pelaksanaan-grc-dengan-pendekatan-terintegrasi/

    Gunawan, R. M. B. (2021). GRC (Good Governance, Risk Management, And Compliance)-Rajawali Pers: PT. RajaGrafindo Persada.

    Halisa, N. N. (2020). Peran manajemen sumber daya manusia" sistem rekrutmen, seleksi, kompetensi dan pelatihan" terhadap keunggulan kompetitif: Literature review. ADI Bisnis Digital Interdisiplin Jurnal, 1(2 Desember), 14-22. https://doi.org/10.34306/abdi.v1i2.168

    Handoko, B. L., Riantono, I. E., & Gani, E. (2020). Importance and Benefit of Application of Governance Risk and Compliance Principle. Systematic Reviews in Pharmacy, 11(9).

    Hartono, A. L. D. (2014). Konsep Sosialisasi mengenai Strategi Perusahaan kepada Karyawan Lapangan di PT HM Sampoerna Tbk. Studi Kasus pada “5 Key Operations Strategies 2013-2015”. Jurnal Ilmu Komunikasi, 1-15.

    Hermawan, A., & Novita, N. (2021). The Effect of Governance, Risk Management, and Compliance on Efforts to Minimize Potential Fraud Based on the Fraud Pentagon Concept. Asia Pacific Fraud Journal, 6(1), 82-95. https://doi.org/10.21532/apfjournal.v6i1.196

    IRMAPA. (2020). PANDUAN MENCAPAI MODEL KEUNGGULAN GOVERNANCE, RISK MANAGEMENT, AND COMPLIANCE (GRC).

    Kelvianto, I. (2018). Implementasi prinsip-prinsip good corporate governance untuk keberlanjutan usaha pada perusahaan yang bergerak di bidang manufaktur pengolahan kayu. Agora, 6(2).

    Kembaren, S. Y. S., Endro, G., & Pendrian, O. (2022). Effect of governance, risk management and compliance on a firm’s value (healthcare industry). Enrichment: Journal of Management, 12(5), 4076-4087. https://doi.org/10.35335/enrichment.v12i5.947

    KNKG. (2022). PEDOMAN UMUM GOVERNANSI KOPERASI INDONESIA (PUG-KOPIN).

    Lam, J. (2017). Implementing enterprise risk management: From methods to applications: John Wiley & Sons.

    Lubis, R. H. (2020). Governance, Risk Management, and Compliance: Implementasi dan Implikasi Pada Koperasi Syariah di Kota Tangerang Selatan.

    Marmen, J. (2022). EFFECTS OF GOVERNANCE, RISK, AND COMPLIANCE (GRC) IMPLEMENTATION ON PROVINCIAL DEVELOPMENT BANK PERFORMANCE. Neuroquantology, 20(15), 6966.

    Maulana, M. W., & Iradianty, A. (2022). Analisis Pengaruh Governance, Risk, And Compliance Terhadap Kinerja Keuangan Bank Umum Syariah di Indonesia Periode 2016-2020. eProceedings of Management, 9(2).

    Mitchell, S. (2019). GRC Capability Model™ 3.5 (OCEG Red Book) FREE VERSION. Retrieved from https:/www.oceg.org/grc-capability-model-red-book/

    Nur’aini, R. D. (2020). Penerapan metode studi kasus YIN dalam penelitian arsitektur dan perilaku. INERSIA lnformasi dan Ekspose Hasil Riset Teknik Sipil dan Arsitektur, 16(1), 92-104.

    Papazafeiropoulou, A., & Spanaki, K. (2016). Understanding governance, risk and compliance information systems (GRC IS): The experts view. Information Systems Frontiers, 18, 1251-1263. https://doi.org/10.1007/s10796-015-9572-3

    Pertiwi, A. P., & Muslih, M. (2023). PENGARUH GOVERNANCE, RISK AND COMPLIANCE (GRC) DAN UKURAN PERUSAHAAN TERHADAP KINERJA KEUANGAN. Jurnal Ilmiah Manajemen, Ekonomi, & Akuntansi (MEA), 7(1), 537-554. https://doi.org/10.31955/mea.v7i1.2904

    Priyarsono, D., Gustrian, R. R., Vorst, C. R., Supriyadi, H., Yulian, A., & Munawar, Y. (2023). Risk management in private companies and public sector organizations: A preliminary comparative study. Jurnal Organisasi dan Manajemen, 19(1), 256-272. 10.33830/jom.v19i1.4126.2023

    Priyono, P., & Marnis. (2008). BUKU MANAJEMEN SUMBER DAYA MANUSIA (2).

    Putri, W. E., & Lindrianasari, L. (2023). PENGARUH PENERAPAN GRC TERINTEGRASI TERHADAP VALUE CREATION. JURNAL ILMIAH EDUNOMIKA, 7(2). https://doi.org/10.29040/jie.v7i2.8970

    Rozie, T. F. (2023). Analisis TIngkat Maturitas Model Keunggulan Governance Risk Compliance (GRC) Pada Komisi Pemberantasan Korupsi. Universitas Gadjah Mada.

    Setyawan, A. N., & Iradianty, A. (2021). Pengaruh Penerapan Governance, Risk, and Compliance terhadap Return Saham pada Bank Umum Swasta Nasional Devisa yang Terdaftar di BEI Tahun 2016-2020. Jurnal Mirai Management, 6(2), 14-31. https://doi.org/10.37531/mirai.v7i3.2415

    Shahim, A., Batenburg, R., & Vermunt, G. (2012). Governance, risk and compliance: a strategic alignment perspective applied to two case studies. Paper presented at the ICT Critical Infrastructures and Society: 10th IFIP TC 9 International Conference on Human Choice and Computers, HCC10 2012, Amsterdam, The Netherlands, September 27-28, 2012. Proceedings 10.

    Vorst, C. R., Priyarsono, D. S., & Budiman, A. (2018). Manajemen Risiko Berbasis SNI ISO 31000. Jakarta: Badan Standardisasi Nasional.

    Wibowo, S., Achsani, N. A., Suroso, A. I., & Sasongko, H. (2022). Integrated governance, risk, and compliance (GRC) and combined assurance: A comparative institutional study. Indonesian Journal of Business and Entrepreneurship (IJBE), 8(2), 289-289. https://doi.org/10.17358/ijbe.8.2.289

    Zammit, C., Grima, S., & Kizilkaya, Y. M. (2021). A Maturity Evaluation of Governance, Risk Management and Compliance (GRC) within the Maltese Public Sector Contemporary Issues in Public Sector Accounting and Auditing (pp. 219-255): Emerald Publishing Limited.https://doi.org/10.1108/S1569-375920200000105016

  1. Ahmeti, R., & Vladi, B. (2017). Risk management in public sector: A literature review. European journal of multidisciplinary studies, 2(5), 190-196. 10.26417/ejms.v5i1.p323-329
  2. Al Habsyi, S., Suharman, H., & Handoyo, S. (2021). Effect of GRC and Intellectual Capital on Company Performance. JRAK, 13(2), 106-112. https://doi.org/10.23969/jrak.v13i2.4130
  3. Azhar, M. (2021). Evaluasi Kesiapan PT. X Untuk Penerapan Governance, Risk, Dan, Compliance (GRC).
  4. Batenburg, R., Neppelenbroek, M., & Shahim, A. (2014). A maturity model for governance, risk management and compliance in hospitals. Journal of Hospital Administration, 3(4), 43-52. http://dx.doi.org/10.5430/jha.v3n4p43
  5. Borg Caruana, S. (2018). Determining the governance, risk management & compliance maturity of credit institutions by applying the Basel & OCEG recommendations as a theoretical index. University of Malta.
  6. CRMS. (2018). Saatnya Merealisasikan Pelaksanaan GRC dengan Pendekatan Terintegrasi. Retrieved from https://crmsindonesia.org/publications/saatnya-merealisasikan-pelaksanaan-grc-dengan-pendekatan-terintegrasi/
  7. Gunawan, R. M. B. (2021). GRC (Good Governance, Risk Management, And Compliance)-Rajawali Pers: PT. RajaGrafindo Persada.
  8. Halisa, N. N. (2020). Peran manajemen sumber daya manusia" sistem rekrutmen, seleksi, kompetensi dan pelatihan" terhadap keunggulan kompetitif: Literature review. ADI Bisnis Digital Interdisiplin Jurnal, 1(2 Desember), 14-22. https://doi.org/10.34306/abdi.v1i2.168
  9. Handoko, B. L., Riantono, I. E., & Gani, E. (2020). Importance and Benefit of Application of Governance Risk and Compliance Principle. Systematic Reviews in Pharmacy, 11(9).
  10. Hartono, A. L. D. (2014). Konsep Sosialisasi mengenai Strategi Perusahaan kepada Karyawan Lapangan di PT HM Sampoerna Tbk. Studi Kasus pada “5 Key Operations Strategies 2013-2015”. Jurnal Ilmu Komunikasi, 1-15.
  11. Hermawan, A., & Novita, N. (2021). The Effect of Governance, Risk Management, and Compliance on Efforts to Minimize Potential Fraud Based on the Fraud Pentagon Concept. Asia Pacific Fraud Journal, 6(1), 82-95. https://doi.org/10.21532/apfjournal.v6i1.196
  12. IRMAPA. (2020). PANDUAN MENCAPAI MODEL KEUNGGULAN GOVERNANCE, RISK MANAGEMENT, AND COMPLIANCE (GRC).
  13. Kelvianto, I. (2018). Implementasi prinsip-prinsip good corporate governance untuk keberlanjutan usaha pada perusahaan yang bergerak di bidang manufaktur pengolahan kayu. Agora, 6(2).
  14. Kembaren, S. Y. S., Endro, G., & Pendrian, O. (2022). Effect of governance, risk management and compliance on a firm’s value (healthcare industry). Enrichment: Journal of Management, 12(5), 4076-4087. https://doi.org/10.35335/enrichment.v12i5.947
  15. KNKG. (2022). PEDOMAN UMUM GOVERNANSI KOPERASI INDONESIA (PUG-KOPIN).
  16. Lam, J. (2017). Implementing enterprise risk management: From methods to applications: John Wiley & Sons.
  17. Lubis, R. H. (2020). Governance, Risk Management, and Compliance: Implementasi dan Implikasi Pada Koperasi Syariah di Kota Tangerang Selatan.
  18. Marmen, J. (2022). EFFECTS OF GOVERNANCE, RISK, AND COMPLIANCE (GRC) IMPLEMENTATION ON PROVINCIAL DEVELOPMENT BANK PERFORMANCE. Neuroquantology, 20(15), 6966.
  19. Maulana, M. W., & Iradianty, A. (2022). Analisis Pengaruh Governance, Risk, And Compliance Terhadap Kinerja Keuangan Bank Umum Syariah di Indonesia Periode 2016-2020. eProceedings of Management, 9(2).
  20. Mitchell, S. (2019). GRC Capability Model™ 3.5 (OCEG Red Book) FREE VERSION. Retrieved from https:/www.oceg.org/grc-capability-model-red-book/
  21. Nur’aini, R. D. (2020). Penerapan metode studi kasus YIN dalam penelitian arsitektur dan perilaku. INERSIA lnformasi dan Ekspose Hasil Riset Teknik Sipil dan Arsitektur, 16(1), 92-104.
  22. Papazafeiropoulou, A., & Spanaki, K. (2016). Understanding governance, risk and compliance information systems (GRC IS): The experts view. Information Systems Frontiers, 18, 1251-1263. https://doi.org/10.1007/s10796-015-9572-3
  23. Pertiwi, A. P., & Muslih, M. (2023). PENGARUH GOVERNANCE, RISK AND COMPLIANCE (GRC) DAN UKURAN PERUSAHAAN TERHADAP KINERJA KEUANGAN. Jurnal Ilmiah Manajemen, Ekonomi, & Akuntansi (MEA), 7(1), 537-554. https://doi.org/10.31955/mea.v7i1.2904
  24. Priyarsono, D., Gustrian, R. R., Vorst, C. R., Supriyadi, H., Yulian, A., & Munawar, Y. (2023). Risk management in private companies and public sector organizations: A preliminary comparative study. Jurnal Organisasi dan Manajemen, 19(1), 256-272. 10.33830/jom.v19i1.4126.2023
  25. Priyono, P., & Marnis. (2008). BUKU MANAJEMEN SUMBER DAYA MANUSIA (2).
  26. Putri, W. E., & Lindrianasari, L. (2023). PENGARUH PENERAPAN GRC TERINTEGRASI TERHADAP VALUE CREATION. JURNAL ILMIAH EDUNOMIKA, 7(2). https://doi.org/10.29040/jie.v7i2.8970
  27. Rozie, T. F. (2023). Analisis TIngkat Maturitas Model Keunggulan Governance Risk Compliance (GRC) Pada Komisi Pemberantasan Korupsi. Universitas Gadjah Mada.
  28. Setyawan, A. N., & Iradianty, A. (2021). Pengaruh Penerapan Governance, Risk, and Compliance terhadap Return Saham pada Bank Umum Swasta Nasional Devisa yang Terdaftar di BEI Tahun 2016-2020. Jurnal Mirai Management, 6(2), 14-31. https://doi.org/10.37531/mirai.v7i3.2415
  29. Shahim, A., Batenburg, R., & Vermunt, G. (2012). Governance, risk and compliance: a strategic alignment perspective applied to two case studies. Paper presented at the ICT Critical Infrastructures and Society: 10th IFIP TC 9 International Conference on Human Choice and Computers, HCC10 2012, Amsterdam, The Netherlands, September 27-28, 2012. Proceedings 10.
  30. Vorst, C. R., Priyarsono, D. S., & Budiman, A. (2018). Manajemen Risiko Berbasis SNI ISO 31000. Jakarta: Badan Standardisasi Nasional.
  31. Wibowo, S., Achsani, N. A., Suroso, A. I., & Sasongko, H. (2022). Integrated governance, risk, and compliance (GRC) and combined assurance: A comparative institutional study. Indonesian Journal of Business and Entrepreneurship (IJBE), 8(2), 289-289. https://doi.org/10.17358/ijbe.8.2.289
  32. Zammit, C., Grima, S., & Kizilkaya, Y. M. (2021). A Maturity Evaluation of Governance, Risk Management and Compliance (GRC) within the Maltese Public Sector Contemporary Issues in Public Sector Accounting and Auditing (pp. 219-255): Emerald Publishing Limited.https://doi.org/10.1108/S1569-375920200000105016