Some talk about opportunity as “the other side of the coin” from risk.
One is good and the other bad.
That is how COSO views the two words, risk and opportunity. ISO seems them differently, defining risk as the effect on objectives. That effect could be positive or harmful.
A few governance codes, such as the King IV code in South Africa, have changed their language from talking about board oversight of risk management to the oversight of risk and opportunity management.
In this view, an opportunity is where there is a possibility for action that is likely to lead to reward or gain. For example, if a homeowner is dissatisfied with his or her realtor, that is an opportunity for another realtor.
Certainly, those situations exist and organizations need to be able to recognize, understand, assess, and then seize them where appropriate.
I encourage you to view this excellent video with David Hillson (a.k.a. the Risk Doctor): Risk and Opportunity: How can risk be good?
As David points out (and I said in World-Class Risk Management and Risk Management in Plain English), the tools and techniques traditionally used to ‘manage’ potential harms (risks, in normal language) can and probably should be used to manage the potential for gain (opportunities).
Others, such as suggested in an article from software vendor…
