Skip to content
Reference · Valentra Glossary

The language of program-grade cybersecurity operations.

Sixteen terms that define how Valentra Nexus turns compliance programs into defensible, evidence-driven operating systems — citeable in RFPs, board decks, and analyst notes.

Program Lifecycle Stages

Agent

An automated worker within Valentra Nexus that performs evidence collection, control testing, or remediation tasks on behalf of the program.

Lifecycle Stage

Asset

Any system, application, data store, or infrastructure component that the cybersecurity program is responsible for protecting.

Lifecycle Stage

Control

A safeguard or countermeasure applied to an asset to reduce risk, mapped to one or more compliance frameworks.

Lifecycle Stage

Decision

A documented judgment made by a program owner about risk acceptance, control selection, resource allocation, or remediation priority.

Lifecycle Stage

Decision Packet

A structured briefing artifact that consolidates risk posture, evidence gaps, and recommended actions into a single reviewable surface for program leadership.

Lifecycle Stage

Evidence

An artifact that demonstrates whether a control is operating effectively, collected continuously or on a scheduled cadence.

Lifecycle Stage

Framework

A structured set of controls and requirements published by a standards body, such as NIST CSF, HIPAA, or SOC 2, against which the program measures compliance.

Lifecycle Stage

Lifecycle Stage

One of six sequential phases in the Valentra program lifecycle: Asset, Risk, Control, Evidence, Work, and Decision.

Lifecycle Stage

Live Board

A real-time operational view that surfaces program health, control status, and evidence freshness across the entire asset inventory.

Lifecycle Stage

Risk

A quantified or qualified measure of the likelihood and impact of a threat exploiting a vulnerability in an asset.

Lifecycle Stage

Truth Spine

The authoritative data backbone connecting assets, risks, controls, and evidence into a single auditable lineage across the program.

Lifecycle Stage

Work

A discrete unit of remediation, implementation, or assessment activity tracked through the program lifecycle.

Lifecycle Stage

Productized Vocabulary

Decision Output

A formal record of a program decision and its downstream effects, replacing the legacy concept of "Reports" with actionable, auditable artifacts.

Productized Rename

Exposure Signal

A consolidated indicator of unmitigated risk derived from control gaps, stale evidence, and unresolved findings across the asset inventory. Replaces the legacy term "Findings."

Productized Rename

Program Operating Layer

The unified operational surface through which a cybersecurity program manages assets, risks, controls, evidence, and decisions. Replaces the legacy concept of a "GRC Platform."

Productized Rename

Work Item

A tracked unit of remediation or implementation work assigned to a team member, replacing the legacy concept of "Tickets" with program-aware context.

Productized Rename

The Valentra Glossary defines sixteen terms for program-grade cybersecurity operations — the vocabulary by which Valentra Nexus turns compliance programs into defensible, evidence-driven operating systems, citeable in RFPs, board decks, and analyst notes.

as of