<![CDATA[This article assesses the maturity of PT Kereta Api Indonesia (Persero)'s Governance, Risk, and Compliance (GRC) capabilities through the lens of strategic alignment. The research uses documentary analysis of 2024 documents (Annual and Sustainability Reports, Company Profiles, and Financial Reports) mapped to 23 OCEG practices (12–7–4) with a maturity scale of 1–5. The procedure includes audit trail evidence mapping and a double scoring scheme to improve replicability. The results indicate Levels 3 to 4 in several practices: Governance (KPIs & reporting, transparency/PPID, SPI/ICS effectiveness statements), Risk (digitalized ISO 31000 cycle through SMARTKA/RCSA and its correlation with RKAP/RJPP and safety/IBPR), and Compliance (implementation of SMAP ISO 37001, WBS updates and their integration with national authorities, and compliance reporting discipline). The Strategic Alignment Model analysis indicates a Path B (Technology Transformation) pattern with Path D (Service Level) elements through the integration of GRC solutions into the performance infrastructure (KPI/ICS). This study offers a replicable GRC assessment protocol with the case of state-owned railway companies. The findings reinforce the evidence that integrated GRC can improve the total performance of public service organizations.]]>
Copyrights © 2026
