The language of program-grade cybersecurity operations.
Sixteen terms that define how Valentra Nexus turns compliance programs into defensible, evidence-driven operating systems — citeable in RFPs, board decks, and analyst notes.
Program Lifecycle Stages
Agent
An automated worker within Valentra Nexus that performs evidence collection, control testing, or remediation tasks on behalf of the program.
Lifecycle StageAsset
Any system, application, data store, or infrastructure component that the cybersecurity program is responsible for protecting.
Lifecycle StageControl
A safeguard or countermeasure applied to an asset to reduce risk, mapped to one or more compliance frameworks.
Lifecycle StageDecision
A documented judgment made by a program owner about risk acceptance, control selection, resource allocation, or remediation priority.
Lifecycle StageDecision Packet
A structured briefing artifact that consolidates risk posture, evidence gaps, and recommended actions into a single reviewable surface for program leadership.
Lifecycle StageEvidence
An artifact that demonstrates whether a control is operating effectively, collected continuously or on a scheduled cadence.
Lifecycle StageFramework
A structured set of controls and requirements published by a standards body, such as NIST CSF, HIPAA, or SOC 2, against which the program measures compliance.
Lifecycle StageLifecycle Stage
One of six sequential phases in the Valentra program lifecycle: Asset, Risk, Control, Evidence, Work, and Decision.
Lifecycle StageLive Board
A real-time operational view that surfaces program health, control status, and evidence freshness across the entire asset inventory.
Lifecycle StageRisk
A quantified or qualified measure of the likelihood and impact of a threat exploiting a vulnerability in an asset.
Lifecycle StageTruth Spine
The authoritative data backbone connecting assets, risks, controls, and evidence into a single auditable lineage across the program.
Lifecycle StageWork
A discrete unit of remediation, implementation, or assessment activity tracked through the program lifecycle.
Lifecycle StageProductized Vocabulary
Decision Output
A formal record of a program decision and its downstream effects, replacing the legacy concept of "Reports" with actionable, auditable artifacts.
Productized RenameExposure Signal
A consolidated indicator of unmitigated risk derived from control gaps, stale evidence, and unresolved findings across the asset inventory. Replaces the legacy term "Findings."
Productized RenameProgram Operating Layer
The unified operational surface through which a cybersecurity program manages assets, risks, controls, evidence, and decisions. Replaces the legacy concept of a "GRC Platform."
Productized RenameWork Item
A tracked unit of remediation or implementation work assigned to a team member, replacing the legacy concept of "Tickets" with program-aware context.
Productized Rename