Managing Risk of Refinery Megaproject based on ISO 31000 and PMBOK.

In order to improve national energy security and the competitiveness of the refinery industry, PT Pertamina (Persero) implements the Refinery Development Master Plan (RDMP), which is consist of revamping 4 units of existing refineries and building 2 units of new grass root refinery. In this paper we will discuss risk management for the RDMP project based PMBOK and ISO 31000 RDMP. RDMP Project management is divided into two stages, namely project development and project execution, risk management has been implemented since the project initiation until commissioning startup. The process of risk management referring to PMBOK are plan risk management, identify risks, qualitative risk analysis, quantitative risk analysis, plan risk responses, implement risk responses and monitor risks. We determined risk limit for project 5% of investment costs, while the ongoing stage is 5% of the current year's budget, those number represented our risk appetite. Furthermore, the risk identification stage followed by qualitative risk analysis obtained 170 risk events with 21% in the categories of strategy & planning aspect, 4% compliance aspect and the remaining 54% operations / infrastructure aspect. This is in line with the theory that stated at the project development stage having higher risk than at the execution stage, and the top risk category is related to business strategy risk, namely the business scheme (tolling or merchant), getting the right partner, project financing, land acquisition, most of the top risk are risk owned by Project Development Department. The quantitative risk analysis (QRA) stage has two tasks, namely numerical simulation of project economics and numerical simulation of cost & schedule. Once of the overall project risks can be seen from the QRA results, probability of completed project duration P80 for RDMP Balikpapan project is 58 months while P50 is 57 months and P90 is 59 months. To assess the effectiveness of risk management and project management, a maturity assessment has been carried out with results of level 2.65 of scale 5 for project management and 3.3 of scale 5 for project risk management. When implementing project risk management, we use for both PMBOK and also ISO 31000 frame work, this feels very complementary. As an example the need for risk maturity as a review of risk management implementation, mandate & commitment and the existence of a Risk Management Policy, the principles and risk management framework of ISO 31000 are very beneficial. On the other hand, emphasizing positive and negative risks, links with the knowledge areas and other process groups by PMBOK are very helpful in integrating project risk. When conducting risk management Pertamina equipped with web-based Enterprise Risk Management System (ERMS) to facilitate data and communication processes. From the discussion it can be concluded that ISO 31000 and PMBOK complement each other in carrying out project risk management, quantitative risk analysis can describe overall risk of the project, maturity assessment helps measuring the effectiveness of risk management and gap analysis, risk management information system is very necessary in carrying out risk management. [ABSTRACT FROM AUTHOR]