Risk management has become a core part of project initiation and execution since its formal recognition in projects in the 1980s. However, the methods used in practice still reflect the early reliance on lists (or “risk registers”) of individual risk items (Williams, 1994). The Project Management Institute's A Guide to the Project Management Body of Knowledge (PMBOK ® Guide) – Fifth Edition (2013) (which is an ANSI standard) in its latest version makes brief mentions of the existence of methods to deal with inter-relatedness. In the United Kingdom, the Association for Project Management's Project Risk Analysis and Management Guide (2004) has an appendix on the issue but later publications, including their guide on Prioritising Project Risks] (Association for Project Management, 2008), are clearly geared toward understanding and prioritizing individual risks. Leitch (2011) points out that ISO 31000 offers no recommendations on aggregating, splitting, or combining risks. Indeed, an influential review risk management standard in 2005 made no mention of risk combinations (Raz & Hillson, 2005). These standards do not actually prohibit more systemic thinking. However, Hodgson's (2002) Foucauldian analysis shows how, although those advocating project management toolkits claim them to be “universal and politically neutral,” their actual use in practice enforced by management leads to a specific way of thinking and indeed ontology inculcated into an organization, thus actually inhibiting systemic thinking.