“…The COSO ERM has become a standard and de facto risk management framework for large companies (Weeserik & Spruit, 2018). The COSO ERM consists of eight components, namely the determination of the risk context (objectives), risk assessment, event identification, risk assessment, risk response, control activities, information and communication, and monitoring, meanwhile the traditional risk management system consists of five components, namely identification, analysis, evaluating, managing and monitoring risk (Annamalah et al, 2018). According to (Frigo, 2009) three ERM COSO elements relate to the strategy ERM deals directly with the determination of the strategy and becomes effective if embedded and connected directly with the development of the company strategy, ERM design to identify events that may affect the company strategy performance; the objective of ERM is to assure that the company achieves the strategic objective.…”