
What 'upside risk' really means in a quality system

Borrowing from PMBOK and translating upside risk into language a QMS auditor will accept.

OBT Editorial, October 2025

Project managers have used 'upside risk' for two decades. The term lands awkwardly in quality circles — partly because 'risk' carries downside connotations, partly because no one has bothered to translate the project-management vocabulary into clauses an auditor recognizes.

Where the term comes from

PMBOK names four risk responses on the downside (avoid, transfer, mitigate, accept) and four matching responses on the upside (exploit, share, enhance, accept). The symmetry is the whole point: the same uncertainty can be managed in opposite directions.

  • Avoid ↔ Exploit
  • Transfer ↔ Share
  • Mitigate ↔ Enhance
  • Accept ↔ Accept

Translating into QMS verbs

QMS audiences flinch at 'exploit.' Reword the verbs without losing the discipline:

  • Exploit → Pursue actively (resource it now).
  • Share → Partner (form a joint pursuit with a supplier or customer).
  • Enhance → Increase likelihood (invest to improve the odds).
  • Accept → Monitor (record but do not act yet).

Why the translation matters

Without paired verbs, every opportunity entry collapses into 'we should look at this' — a wishlist, not a register. Paired verbs force a decision: the opportunity is being pursued, partnered, enhanced, or merely monitored. Each of those is auditable.