I'm continuing to read Project Risk Management: A Practical Implementation Approach by Mike Bissonette. The current Wikipedia definition of risk and the PMBOK Guide's definition both address risk from the standpoint of threats and opportunities. From the PMBOK Guide:
An event or condition that, if it occurs, has a positive or negative effect on one or more project objectives.
This information is added to the Risk Register. Bissonette suggests cause and effect metalanguage to use in the Risk Register (<risk> due to <cause>). The PMBOK Guide Sixth Edition (188.8.131.52) lists information that may be included in the Risk Register, including identified risk, cause, potential risk owners, and potential risk responses.
Thus, the PMBOK guide Risk Management knowledge area processes are approached with an eye to decreasing the likelihood of threats and increasing the likelihood of opportunities.
It's a fascinating book and I'm plowing ahead with it!