How does deployment work?

Certexi deploys on your infrastructure — on-premise, private cloud, or air-gapped environments. Basic deployment takes 1-2 days. Enterprise deployments with custom integrations typically take 1-2 weeks.

Your data stays on your own infrastructure (on-premise or private cloud). We use SSL/TLS 256-bit encryption, comply with GDPR, and align with ISO 27001. We never access your operational data.

How long does implementation take?

Basic implementation takes 1-2 days. For enterprise deployments with custom integrations, typically 1-2 weeks. Configuration support is included in all plans.

Does it work without internet?

Yes. Certexi operates locally on your network. Offline mode allows full operation for up to 60 days without connectivity. Data syncs automatically when connection is restored.

United States, Canada (bulk electric system)

NERC CIP compliance evidence that FERC auditors find organized and complete

NERC Critical Infrastructure Protection (CIP) Standards

Physical security records, cyber system access logs, and vulnerability management evidence — generated continuously from utility operations so FERC audits are not multi-week scrambles.

FERC (Federal Energy Regulatory Commission), NERC, Regional EntitiesUnited States, Canada (bulk electric system)

Request Architecture Session

Private deployment · Sovereign infrastructure · Architecture session included

About NERC CIP

NERC CIP standards establish requirements for securing the bulk electric system, covering physical security, cyber security, incident reporting, and supply chain risk management.

Top audit finding

"Physical access reviews not performed at required frequency with documented evidence of review"

Most common NERC CIP non-conformance finding

Requirement mapping

NERC CIP requirements — and how Certexi addresses them

Framework requirements

1BES Cyber System identification and classification
2Physical security plans with access records for Electronic Security Perimeters
3Electronic access management with authorization and access logs
4Security awareness and training with completion records
5Incident identification, classification, and reporting
6Physical security event logging and review

Certexi approach

Physical access records: PACS event logs correlated with authorized personnel lists
Electronic access management records: provisioning, review, and deprovisioning workflows
Security training matrix: CIP required training by role with completion evidence
Incident management: classification against CIP reportability thresholds with notification records
FERC audit bundle: organized by CIP standard and requirement with evidence linkage

Industry relevance

Sectors where NERC CIP compliance applies

Energy & Utilities

Core capabilities

Use cases central to NERC CIP compliance

access control records incident reporting audit preparation training records

PRICING

Aligned to Operational Value, Not User Count

Pricing scales with deployment scope, not headcount. Your data. Your infrastructure. Your rules.

All plans include private deployment. Your data never leaves your infrastructure.

ISO 27001 Aligned

Private Deployment

Unlimited Users

Currency

Pilot

Validate before you commit

Custom

5 spots per quarter

Full platform deployment
Configuration support
Onboarding and training
Direct product team access
Feedback-driven iteration
8-week evaluation period

Standard

Single-location operations

From $4,800 / month

per month, billed annually

All core platform capabilities
Standard template library
Private deployment included
Email support (24h response)
Quarterly platform updates
Unlimited users

Enterprise

Multi-location, high-compliance

Custom

Based on deployment scope

Everything in Standard
Custom template development
Dedicated support engineer
SLA guarantees
Advanced integrations
Air-gapped deployment option

Private Deployment Included in All Plans

Every plan includes full deployment on your infrastructure — Nextcloud, Linux servers, Docker, Kubernetes, or air-gapped environments. Your data never leaves your control.

NERC CIP compliance evidence maintained continuously, not assembled before FERC audits.

Private deployment on your infrastructure. Architecture session included.

Request Architecture Session