How does deployment work?

Certexi deploys on your infrastructure — on-premise, private cloud, or air-gapped environments. Basic deployment takes 1-2 days. Enterprise deployments with custom integrations typically take 1-2 weeks.

Your data stays on your own infrastructure (on-premise or private cloud). We use SSL/TLS 256-bit encryption, comply with GDPR, and align with ISO 27001. We never access your operational data.

How long does implementation take?

Basic implementation takes 1-2 days. For enterprise deployments with custom integrations, typically 1-2 weeks. Configuration support is included in all plans.

Does it work without internet?

Yes. Certexi operates locally on your network. Offline mode allows full operation for up to 60 days without connectivity. Data syncs automatically when connection is restored.

Global

ISO 27001 certification with ISMS evidence generated automatically

ISO 27001:2022 — Information Security Management Systems

Risk treatment records, control effectiveness evidence, security incident management, and audit documentation — built into security operations so certification audits find everything ready.

ISO certification bodiesGlobal

Request Architecture Session

Private deployment · Sovereign infrastructure · Architecture session included

About ISO 27001

ISO 27001 is the international standard for information security management systems. It provides a framework for establishing, implementing, maintaining, and improving an ISMS.

Top audit finding

"Control effectiveness evidence absent — controls documented as implemented but with no evidence they operate effectively"

Most common ISO 27001 non-conformance finding

Requirement mapping

ISO 27001 requirements — and how Certexi addresses them

Framework requirements

1Information security risk assessment with documented methodology
2Risk treatment plan with control selection and implementation evidence
3Statement of Applicability with justification for included/excluded controls
4Security incident management with investigation and improvement records
5Internal audit program with documented non-conformances and CAPA
6Management review with evidence of ISMS performance

Certexi approach

Risk register with treatment records and control effectiveness evidence linked
Security incident workflow: detect → classify → investigate → contain → recover → document
Access control records: provisioning, review, modification, and deprovisioning with evidence
Internal audit workflow with finding records and CAPA tracking
ISO 27001 audit bundle: Annex A control organized evidence for any audit period

Industry relevance

Sectors where ISO 27001 compliance applies

Manufacturing & Operations

Energy & Utilities

Healthcare & Pharma

Government & Public Sector

Core capabilities

Use cases central to ISO 27001 compliance

risk assessment incident reporting audit preparation access control records training records

PRICING

Aligned to Operational Value, Not User Count

Pricing scales with deployment scope, not headcount. Your data. Your infrastructure. Your rules.

All plans include private deployment. Your data never leaves your infrastructure.

ISO 27001 Aligned

Private Deployment

Unlimited Users

Currency

Pilot

Validate before you commit

Custom

5 spots per quarter

Full platform deployment
Configuration support
Onboarding and training
Direct product team access
Feedback-driven iteration
8-week evaluation period

Standard

Single-location operations

From $4,800 / month

per month, billed annually

All core platform capabilities
Standard template library
Private deployment included
Email support (24h response)
Quarterly platform updates
Unlimited users

Enterprise

Multi-location, high-compliance

Custom

Based on deployment scope

Everything in Standard
Custom template development
Dedicated support engineer
SLA guarantees
Advanced integrations
Air-gapped deployment option

Private Deployment Included in All Plans

Every plan includes full deployment on your infrastructure — Nextcloud, Linux servers, Docker, Kubernetes, or air-gapped environments. Your data never leaves your control.

ISO 27001 evidence generated by security operations, not assembled for auditors.

Private deployment on your infrastructure. Architecture session included.

Request Architecture Session