Managing Risk Of Refinery Megaproject Based on ISO 31000 and PMBOK

In order to improve national energy security and the competitiveness of the refinery industry, PT Pertamina (Persero) implements the Refinery Development Master Plan (RDMP), which is consist of revamping 4 units of existing refineries and building 2 units of new grass root refinery. In this paper we will discuss risk management for the RDMP project based PMBOK and ISO 31000 RDMP. RDMP Project management is divided into two stages, namely project development and project execution, risk management has been implemented since the project initiation until commissioning startup. The process of risk management referring to PMBOK are plan risk management, identify risks, qualitative risk analysis, quantitative risk analysis, plan risk responses, implement risk responses and monitor risks. We determined risk limit for project 5% of investment costs, while the ongoing stage is 5% of the current year's budget, those number represented our risk appetite. Furthermore, the risk identification stage followed by qualitative risk analysis obtained 170 risk events with 21% in the categories of strategy & planning aspect, 4% compliance aspect and the remaining 54% operations / infrastructure aspect. This is in line with the theory that stated at the project development stage having higher risk than at the execution stage, and the top risk category is related to business strategy risk, namely the business scheme (tolling or merchant), getting the right partner, project financing, land acquisition, most of the top risk are risk owned by Project Development Department. The quantitative risk analysis (QRA) stage has two tasks, namely numerical simulation of project economics and numerical simulation of cost & schedule. Once of the overall project risks can be seen from the QRA results, probability of completed project duration P80 for RDMP Balikpapan project is 58 months while P50 is 57 months and P90 is 59 months. To assess the effectiveness of risk management and project management, a maturity assessment has been carried out with results of level 2.65 of scale 5 for project management and 3.3 of scale 5 for project risk management. When implementing project risk management, we use for both PMBOK and also ISO 31000 frame work, this feels very complementary. As an example the need for risk maturity as a review of risk management implementation, mandate & commitment and the existence of a 1 Second Editions are previously published papers that have continued relevance in today’s project management world, or which were originally published in conference proceedings or in a language other than English. Original publication acknowledged; authors retain copyright. This paper was originally presented at the 8 Scientific Conference on Project Management in the Baltic States at the University of Latvia in April 2019. It is republished here with the permission of the author and conference organizers. 2 How to cite this paper: Wisianto, A. (2019); Managing Risk of Refinery Megaproject based on ISO 31000 and PMBOK; presented at the 8 Scientific Conference on Project Management in the Baltic States, University of Latvia, April 2019; republished in the PM World Journal, Vol. VIII, Issue IV, May. PM World Journal Managing Risk of Refinery Megaproject Vol. VIII, Issue IV – May 2019 by Arie Wisianto www.pmworldjournal.com Second Edition © 2019 University of Latvia www.pmworldlibrary.net Page 2 of 9 © 2019 Professional Association of Project Managers Risk Management Policy, the principles and risk management framework of ISO 31000 are very beneficial. On the other hand, emphasizing positive and negative risks, links with the knowledge areas and other process groups by PMBOK are very helpful in integrating project risk. When conducting risk management Pertamina equipped with web-based Enterprise Risk Management System (ERMS) to facilitate data and communication processes. From the discussion it can be concluded that ISO 31000 and PMBOK complement each other in carrying out project risk management, quantitative risk analysis can describe overall risk of the project, maturity assessment helps measuring the effectiveness of risk management and gap analysis, risk management information system is very necessary in carrying out risk management