n8n for CivTech/SmartCity SaaS Vendors: 5 Automations for NEPA, ADA Title II, FCC FirstNet, and CISA (Free JSON)

#n8n #security #automation #programming

If your platform serves city governments, transit authorities, water utilities, or emergency management agencies, your customers face a compliance stack that most SaaS vendors never fully map: NEPA §102 environmental review requirements, FHWA §106 historic preservation consultation, ADA Title II public services obligations, FCC FirstNet priority communications mandates, and CISA Critical Infrastructure protection requirements. These are not checkbox items — they are statutory obligations backed by civil and criminal enforcement.

Here are five n8n automation workflows purpose-built for CivTech and SmartCity SaaS vendors. These are the workflows your government procurement reviewers ask about in their security questionnaires — and the ones that differentiate your platform from generic enterprise SaaS.

1. Government Customer Onboarding Drip

Your customers span seven distinct tiers with fundamentally different compliance obligations: LARGE_CITY_GOVERNMENT (CISA Critical Infrastructure, FCC FirstNet, ADA Title II, FISMA if federally funded), COUNTY_GOVERNMENT (NEPA §102 if federal nexus, ADA Title II, open data mandate), STATE_DOT (FHWA §106 historic preservation, NEPA EIS milestones, FHWA ITS), TRANSIT_AUTHORITY (ADA Title II paratransit, FTA compliance, ADA complaints), WATER_UTILITY (EPA SDWA §1413 primacy, CISA Critical Infrastructure, CCR reporting), EMERGENCY_MANAGEMENT_AGENCY (CISA, FCC FirstNet, FEMA grant deadlines), and SMART_CITY_TECH_VENDOR (CPSC product obligations, cybersecurity, SOC 2).

The onboarding workflow classifies each customer at webhook trigger and sets seven compliance flags: NEPA_EIS_REQUIRED, FHWA_SECTION_106_APPLICABLE, ADA_TITLE_II_APPLICABLE (always true for government entities), FCC_FIRSTNET_SUBSCRIBER, CISA_CRITICAL_INFRASTRUCTURE, FISMA_APPLICABLE, and OPEN_DATA_MANDATE. Day 0 sends tier-specific setup guidance — a LARGE_CITY_GOVERNMENT gets CISA Critical Infrastructure alerting configuration; a STATE_DOT gets FHWA §106 consultation deadline tracker setup. Day 3 covers integration checklists; Day 7 covers advanced multi-agency KPI dashboard configuration.

{"name": "CivTech Government Customer Onboarding Drip", "nodes": [{"id": "1", "name": "Webhook", "type": "n8n-nodes-base.webhook", "typeVersion": 2, "position": [250, 300], "parameters": {"path": "/civtech-onboarding", "httpMethod": "POST", "responseMode": "responseNode"}}, {"id": "2", "name": "Classify Customer", "type": "n8n-nodes-base.code", "typeVersion": 2, "position": [470, 300], "parameters": {"jsCode": "const d = $input.first().json;\nconst tier = d.org_type === 'large_city' ? 'LARGE_CITY_GOVERNMENT'\n  : d.org_type === 'county' ? 'COUNTY_GOVERNMENT'\n  : d.org_type === 'state_dot' ? 'STATE_DOT'\n  : d.org_type === 'transit_authority' ? 'TRANSIT_AUTHORITY'\n  : d.org_type === 'water_utility' ? 'WATER_UTILITY'\n  : d.org_type === 'emergency_mgmt' ? 'EMERGENCY_MANAGEMENT_AGENCY'\n  : 'SMART_CITY_TECH_VENDOR';\nconst flags = {\n  NEPA_EIS_REQUIRED: !!(d.federal_nexus || d.nepa_eis),\n  FHWA_SECTION_106_APPLICABLE: !!(d.transportation_project || d.fhwa_funding),\n  ADA_TITLE_II_APPLICABLE: true,\n  FCC_FIRSTNET_SUBSCRIBER: !!(d.public_safety_comms || d.firstnet_band14),\n  CISA_CRITICAL_INFRASTRUCTURE: !!(d.critical_infra_sector || d.cisa_ssp),\n  FISMA_APPLICABLE: !!(d.federal_system || d.ato_required),\n  OPEN_DATA_MANDATE: !!(d.open_data_policy || d.opengov_mandate)\n};\nconst day0map = {\n  LARGE_CITY_GOVERNMENT: 'Your platform is configured with CISA Critical Infrastructure alerting, ADA Title II accessibility monitoring, and FCC FirstNet priority access workflows. Import your NEPA deadline tracker in under 3 minutes.',\n  COUNTY_GOVERNMENT: 'Your county ops platform is active. NEPA \u00a7102 environmental review tracking and ADA Title II self-evaluation workflows are pre-enabled for your jurisdiction.',\n  STATE_DOT: 'Your transportation platform is live. FHWA \u00a7106 historic preservation review deadlines and NEPA EIS milestone tracking are wired for your DOT program offices.',\n  TRANSIT_AUTHORITY: 'Your transit platform is ready. ADA Title II paratransit compliance monitoring and FTA audit trail workflows are active for your service area.',\n  WATER_UTILITY: 'Your water utility platform is live. EPA SDWA monitoring, CISA Critical Infrastructure reporting, and CCR deadline tracking are pre-configured.',\n  EMERGENCY_MANAGEMENT_AGENCY: 'Your emergency management platform is active. CISA alert pipelines, FCC FirstNet status monitoring, and FEMA grant deadline tracking are configured.',\n  SMART_CITY_TECH_VENDOR: 'Your platform is active. Government compliance workflow templates for NEPA, ADA Title II, CISA, FCC FirstNet, and FISMA are included in your account.'\n};\nreturn [{ json: { ...d, tier, flags,\n  day0_subject: `Welcome to the platform, ${d.org_name || 'your agency'} \u2014 your government compliance workflow setup guide`,\n  day0_body: day0map[tier],\n  day3_subject: `${d.org_name || 'Your agency'}: activate your compliance deadline tracker this week`,\n  day7_subject: `Advanced: multi-agency KPI dashboards and cross-jurisdiction alerting` } }];"}}, {"id": "3", "name": "Day 0 Welcome", "type": "n8n-nodes-base.gmail", "typeVersion": 2, "position": [690, 300], "parameters": {"operation": "send", "sendTo": "={{ $json.contact_email }}", "subject": "={{ $json.day0_subject }}", "message": "={{ '<h2>Welcome, ' + ($json.org_name || 'your agency') + '</h2><p>' + $json.day0_body + '</p><p><a href=\"https://stripeai.gumroad.com\">Import your first workflow \u2014 stripeai.gumroad.com</a></p>' }}"}}, {"id": "4", "name": "Log to Sheets", "type": "n8n-nodes-base.googleSheets", "typeVersion": 4, "position": [910, 300], "parameters": {"operation": "append", "documentId": "YOUR_SHEET_ID", "sheetName": "CivTech_Onboarding", "columns": {"mappingMode": "autoMapInputData"}}}, {"id": "5", "name": "Wait 3 Days", "type": "n8n-nodes-base.wait", "typeVersion": 1, "position": [1130, 300], "parameters": {"resume": "timeInterval", "amount": 3, "unit": "days"}}, {"id": "6", "name": "Day 3 Compliance Tips", "type": "n8n-nodes-base.gmail", "typeVersion": 2, "position": [1350, 300], "parameters": {"operation": "send", "sendTo": "={{ $json.contact_email }}", "subject": "={{ $json.day3_subject }}", "message": "=<p>Hi {{ $json.contact_name }},</p><p>Three workflows {{ $json.tier }} teams activate first:</p><ul><li><strong>Compliance deadline tracker</strong> \u2014 NEPA, ADA Title II, CISA audit dates auto-routed to the right team with OVERDUE/CRITICAL/URGENT tiers</li><li><strong>Infrastructure health monitor</strong> \u2014 smart city sensor and API uptime with CISA escalation logic</li><li><strong>Critical incident pipeline</strong> \u2014 events routed to ops and CISA within statutory SLA windows</li></ul><p><a href=\"https://stripeai.gumroad.com\">Full JSON library \u2014 stripeai.gumroad.com</a></p>"}}, {"id": "7", "name": "Wait 4 Days", "type": "n8n-nodes-base.wait", "typeVersion": 1, "position": [1570, 300], "parameters": {"resume": "timeInterval", "amount": 4, "unit": "days"}}, {"id": "8", "name": "Day 7 Advanced", "type": "n8n-nodes-base.gmail", "typeVersion": 2, "position": [1790, 300], "parameters": {"operation": "send", "sendTo": "={{ $json.contact_email }}", "subject": "={{ $json.day7_subject }}", "message": "=<p>Hi {{ $json.contact_name }},</p><p>This week: set up your weekly CivTech KPI dashboard \u2014 active agencies, open CISA alerts, ADA complaints, and NEPA reviews in a single Monday 8AM briefing. <a href=\"https://stripeai.gumroad.com\">stripeai.gumroad.com</a></p>"}}], "connections": {"Webhook": {"main": [[{"node": "Classify Customer", "type": "main", "index": 0}]]}, "Classify Customer": {"main": [[{"node": "Day 0 Welcome", "type": "main", "index": 0}]]}, "Day 0 Welcome": {"main": [[{"node": "Log to Sheets", "type": "main", "index": 0}]]}, "Log to Sheets": {"main": [[{"node": "Wait 3 Days", "type": "main", "index": 0}]]}, "Wait 3 Days": {"main": [[{"node": "Day 3 Compliance Tips", "type": "main", "index": 0}]]}, "Day 3 Compliance Tips": {"main": [[{"node": "Wait 4 Days", "type": "main", "index": 0}]]}, "Wait 4 Days": {"main": [[{"node": "Day 7 Advanced", "type": "main", "index": 0}]]}}}

2. Smart City Infrastructure & IoT Sensor Health Monitor

Polls five critical infrastructure endpoints every five minutes. On DOWN detection, evaluates whether the outage carries a statutory clock or CISA reporting obligation and routes accordingly.

The five monitored endpoints and their regulatory annotations:

sensor_mesh_api — CISA §201 Critical Infrastructure. Downtime = loss of real-time threat detection capability. CISA requires continuous monitoring for critical sectors.
traffic_mgmt_api — FHWA ITS (Intelligent Transportation Systems). Downtime may affect NEPA traffic mitigation measure reporting obligations.
transit_avl_api — FTA ADA paratransit tracking. Downtime = ADA Title II compliance gap for paratransit scheduling and service documentation.
water_scada_api — EPA SDWA §1413. SCADA system downtime is a potential drinking water safety reporting gap requiring primacy agency notification.
emergency_comms_api — FCC FirstNet Band 14. Downtime = public safety communications priority access gap, triggering FCC Part 4 outage reporting within 2 hours.

Uses $getWorkflowStaticData to detect UP-to-DOWN transitions and prevent repeat alerts during sustained outages.

{"name": "Smart City Infrastructure API Health Monitor", "nodes": [{"id": "1", "name": "Every 5 Min", "type": "n8n-nodes-base.scheduleTrigger", "typeVersion": 1, "position": [250, 300], "parameters": {"rule": {"interval": [{"field": "minutes", "minutesInterval": 5}]}}}, {"id": "2", "name": "Load Endpoints", "type": "n8n-nodes-base.googleSheets", "typeVersion": 4, "position": [470, 300], "parameters": {"operation": "read", "documentId": "YOUR_SHEET_ID", "sheetName": "CivTech_Endpoints"}}, {"id": "3", "name": "Batch Endpoints", "type": "n8n-nodes-base.splitInBatches", "typeVersion": 3, "position": [690, 300], "parameters": {"batchSize": 1}}, {"id": "4", "name": "Ping Endpoint", "type": "n8n-nodes-base.httpRequest", "typeVersion": 4, "position": [910, 300], "parameters": {"method": "GET", "url": "={{ $json.endpoint_url }}", "timeout": 8000, "options": {"response": {"response": {"fullResponse": true}}}}}, {"id": "5", "name": "Evaluate Status", "type": "n8n-nodes-base.code", "typeVersion": 2, "position": [1130, 300], "parameters": {"jsCode": "const ep = $input.all()[0].json;\nconst resp = $input.all()[1]?.json;\nconst statusCode = resp?.statusCode || 0;\nconst responseTime = resp?.headers?.['x-response-time'] || 0;\nlet status = 'OK';\nif (!resp || statusCode >= 500) status = 'DOWN';\nelse if (statusCode >= 400) status = 'DEGRADED';\nelse if (responseTime > 3000) status = 'HIGH_LATENCY';\nconst prev = $getWorkflowStaticData('node')[ep.endpoint_name] || 'OK';\n$getWorkflowStaticData('node')[ep.endpoint_name] = status;\nconst justWentDown = (prev === 'OK' || prev === 'HIGH_LATENCY') && status === 'DOWN';\nconst cisaAnnotation = {\n  'sensor_mesh_api': 'CISA \u00a7201 Critical Infrastructure \u2014 downtime = loss of real-time threat detection',\n  'traffic_mgmt_api': 'FHWA ITS \u2014 downtime may affect NEPA mitigation measure reporting',\n  'transit_avl_api': 'FTA ADA paratransit tracking \u2014 downtime = ADA Title II compliance gap',\n  'water_scada_api': 'EPA SDWA \u00a71413 \u2014 SCADA downtime = potential drinking water safety reporting gap',\n  'emergency_comms_api': 'FCC FirstNet \u2014 downtime = public safety communications priority access gap'\n};\nreturn [{ json: { ...ep, status, prev_status: prev, justWentDown,\n  cisa_annotation: cisaAnnotation[ep.endpoint_name] || 'Infrastructure API \u2014 monitor for CISA reporting obligations',\n  alert_message: `[${status}] ${ep.endpoint_name}: ${ep.endpoint_url} \u2014 ${cisaAnnotation[ep.endpoint_name] || ''}` } }];"}}, {"id": "6", "name": "Alert if Down", "type": "n8n-nodes-base.if", "typeVersion": 2, "position": [1350, 300], "parameters": {"conditions": {"options": {"caseSensitive": true}, "conditions": [{"id": "a", "leftValue": "={{ $json.justWentDown }}", "rightValue": true, "operator": {"type": "boolean", "operation": "equals"}}]}}}, {"id": "7", "name": "Slack Critical Infra", "type": "n8n-nodes-base.slack", "typeVersion": 2, "position": [1570, 200], "parameters": {"operation": "post", "channel": "#critical-infra", "text": "={{ '\ud83d\udea8 INFRA DOWN: ' + $json.alert_message }}"}}, {"id": "8", "name": "Email Ops Director", "type": "n8n-nodes-base.gmail", "typeVersion": 2, "position": [1570, 400], "parameters": {"operation": "send", "sendTo": "ops-director@agency.gov", "subject": "={{ '[CRITICAL] ' + $json.endpoint_name + ' down \u2014 CISA annotation attached' }}", "message": "={{ '<p><strong>Endpoint:</strong> ' + $json.endpoint_name + '</p><p><strong>Status:</strong> ' + $json.status + '</p><p><strong>CISA note:</strong> ' + $json.cisa_annotation + '</p><p>Previous status: ' + $json.prev_status + '</p>' }}"}}], "connections": {"Every 5 Min": {"main": [[{"node": "Load Endpoints", "type": "main", "index": 0}]]}, "Load Endpoints": {"main": [[{"node": "Batch Endpoints", "type": "main", "index": 0}]]}, "Batch Endpoints": {"main": [[{"node": "Ping Endpoint", "type": "main", "index": 0}]]}, "Ping Endpoint": {"main": [[{"node": "Evaluate Status", "type": "main", "index": 0}]]}, "Evaluate Status": {"main": [[{"node": "Alert if Down", "type": "main", "index": 0}]]}, "Alert if Down": {"main": [[{"node": "Slack Critical Infra", "type": "main", "index": 0}], [{"node": "Email Ops Director", "type": "main", "index": 0}]]}}}

3. NEPA / FHWA / ADA / FCC / CISA Compliance Deadline Tracker

Runs weekdays at 8AM. Scans a Google Sheet for twelve deadline types and routes alerts by urgency: OVERDUE / CRITICAL (≤14d) / URGENT (≤30d) / WARNING (≤60d) / NOTICE (≤90d). Alert deduplication via alert_sent_date prevents repeat noise on the same deadline.

The twelve tracked deadline types with regulatory citations:

Deadline Type	Regulation
NEPA_EIS_NOTICE_OF_INTENT	NEPA §102 — 40 CFR §1501.9
NEPA_RECORD_OF_DECISION	NEPA §102 — 40 CFR §1506.6
FHWA_SECTION_106_CONSULTATION	FHWA §106 — 36 CFR Part 800 historic preservation consultation
ADA_TITLE_II_SELF_EVAL_TRIENNIAL	ADA Title II — 28 CFR §35.105
ADA_TITLE_II_TRANSITION_PLAN_UPDATE	ADA Title II — 28 CFR §35.150
FCC_FIRSTNET_RENEWAL	FCC FirstNet — Band 14 priority access annual review
CISA_CYBERSECURITY_ASSESSMENT_ANNUAL	CISA Critical Infrastructure annual cybersecurity assessment
FISMA_ANNUAL_ASSESSMENT	FISMA — 44 USC §3554 annual security assessment
OPEN_DATA_POLICY_REVIEW	OMB M-13-13 / local open data ordinance — annual review
STATE_AG_CYBER_REVIEW	State AG cybersecurity compliance review
SOC2_TYPE2_RENEWAL	SOC 2 Type II annual renewal
ANNUAL_PENTEST	Annual penetration test

{"name": "NEPA/ADA/FCC/CISA Compliance Deadline Tracker", "nodes": [{"id": "1", "name": "Weekdays 8AM", "type": "n8n-nodes-base.scheduleTrigger", "typeVersion": 1, "position": [250, 300], "parameters": {"rule": {"interval": [{"field": "cronExpression", "expression": "0 8 * * 1-5"}]}}}, {"id": "2", "name": "Load Deadlines", "type": "n8n-nodes-base.googleSheets", "typeVersion": 4, "position": [470, 300], "parameters": {"operation": "read", "documentId": "YOUR_SHEET_ID", "sheetName": "Compliance_Deadlines"}}, {"id": "3", "name": "Classify Urgency", "type": "n8n-nodes-base.code", "typeVersion": 2, "position": [690, 300], "parameters": {"jsCode": "const today = new Date();\nconst items = $input.all().map(i => {\n  const d = i.json;\n  if (!d.deadline_date || d.status === 'COMPLETE') return null;\n  if (d.alert_sent_date === today.toISOString().split('T')[0]) return null;\n  const due = new Date(d.deadline_date);\n  const daysLeft = Math.ceil((due - today) / 86400000);\n  let urgency = null;\n  if (daysLeft < 0) urgency = 'OVERDUE';\n  else if (daysLeft <= 14) urgency = 'CRITICAL';\n  else if (daysLeft <= 30) urgency = 'URGENT';\n  else if (daysLeft <= 60) urgency = 'WARNING';\n  else if (daysLeft <= 90) urgency = 'NOTICE';\n  if (!urgency) return null;\n  const typeLabels = {\n    NEPA_EIS_NOTICE_OF_INTENT: 'NEPA \u00a7102 \u2014 Notice of Intent (40 CFR \u00a71501.9)',\n    NEPA_RECORD_OF_DECISION: 'NEPA \u00a7102 \u2014 Record of Decision (40 CFR \u00a71506.6)',\n    FHWA_SECTION_106_CONSULTATION: 'FHWA \u00a7106 \u2014 Historic Preservation Consultation (36 CFR Part 800)',\n    ADA_TITLE_II_SELF_EVAL_TRIENNIAL: 'ADA Title II \u2014 Self-Evaluation Triennial (28 CFR \u00a735.105)',\n    ADA_TITLE_II_TRANSITION_PLAN_UPDATE: 'ADA Title II \u2014 Transition Plan Update (28 CFR \u00a735.150)',\n    FCC_FIRSTNET_RENEWAL: 'FCC FirstNet \u2014 Band 14 Priority Access Annual Review',\n    CISA_CYBERSECURITY_ASSESSMENT_ANNUAL: 'CISA Critical Infrastructure \u2014 Annual Cybersecurity Assessment',\n    FISMA_ANNUAL_ASSESSMENT: 'FISMA \u2014 Annual Security Assessment (44 USC \u00a73554)',\n    OPEN_DATA_POLICY_REVIEW: 'OMB M-13-13 / local open data ordinance \u2014 annual policy review',\n    STATE_AG_CYBER_REVIEW: 'State AG cybersecurity compliance review',\n    SOC2_TYPE2_RENEWAL: 'SOC 2 Type II renewal',\n    ANNUAL_PENTEST: 'Annual penetration test'\n  };\n  return { json: { ...d, urgency, daysLeft,\n    type_label: typeLabels[d.deadline_type] || d.deadline_type,\n    slack_msg: `[${urgency}] ${typeLabels[d.deadline_type] || d.deadline_type} \u2014 due ${d.deadline_date} (${daysLeft}d) \u2014 owner: ${d.owner}` } };\n}).filter(Boolean);\nreturn items;"}}, {"id": "4", "name": "Route by Urgency", "type": "n8n-nodes-base.switch", "typeVersion": 3, "position": [910, 300], "parameters": {"dataPropertyName": "urgency", "rules": {"values": [{"outputKey": "overdue", "value": "OVERDUE"}, {"outputKey": "critical", "value": "CRITICAL"}, {"outputKey": "urgent", "value": "URGENT"}, {"outputKey": "warning", "value": "WARNING"}]}}}, {"id": "5", "name": "Slack OVERDUE", "type": "n8n-nodes-base.slack", "typeVersion": 2, "position": [1130, 100], "parameters": {"operation": "post", "channel": "#regulatory-compliance", "text": "={{ '\ud83d\udd34 OVERDUE: ' + $json.slack_msg }}"}}, {"id": "6", "name": "Slack CRITICAL", "type": "n8n-nodes-base.slack", "typeVersion": 2, "position": [1130, 250], "parameters": {"operation": "post", "channel": "#regulatory-compliance", "text": "={{ '\ud83d\udfe0 CRITICAL: ' + $json.slack_msg }}"}}, {"id": "7", "name": "Slack URGENT", "type": "n8n-nodes-base.slack", "typeVersion": 2, "position": [1130, 400], "parameters": {"operation": "post", "channel": "#regulatory-compliance", "text": "={{ '\ud83d\udfe1 URGENT: ' + $json.slack_msg }}"}}, {"id": "8", "name": "Email Owner", "type": "n8n-nodes-base.gmail", "typeVersion": 2, "position": [1350, 300], "parameters": {"operation": "send", "sendTo": "={{ $json.owner_email }}", "subject": "={{ '[' + $json.urgency + '] ' + $json.type_label + ' \u2014 due ' + $json.deadline_date }}", "message": "={{ '<p>Compliance deadline: <strong>' + $json.type_label + '</strong></p><p>Due: ' + $json.deadline_date + ' (' + $json.daysLeft + ' days)</p><p>Status: ' + $json.urgency + '</p><p>Owner: ' + $json.owner + '</p>' }}"}}], "connections": {"Weekdays 8AM": {"main": [[{"node": "Load Deadlines", "type": "main", "index": 0}]]}, "Load Deadlines": {"main": [[{"node": "Classify Urgency", "type": "main", "index": 0}]]}, "Classify Urgency": {"main": [[{"node": "Route by Urgency", "type": "main", "index": 0}]]}, "Route by Urgency": {"main": [[{"node": "Slack OVERDUE", "type": "main", "index": 0}], [{"node": "Slack CRITICAL", "type": "main", "index": 0}], [{"node": "Slack URGENT", "type": "main", "index": 0}], [{"node": "Email Owner", "type": "main", "index": 0}]]}}}

4. Critical Infrastructure Incident & CISA Alert Pipeline

Webhook receives incident reports and routes them with statutory SLA clocks. Eight incident types, each with a different authority notification window.

CISA_CRITICAL_INFRA_INCIDENT — 1 hour — CISA §2209. Report to CISA within one hour. This is the hardest clock in civilian government operations. If the pipeline runs through a third-party cloud that has even a brief outage, the clock does not stop.

WATER_CONTAMINATION_EVENT — 30 minutes — EPA SDWA §1413. Primacy agency notification within 30 minutes for imminent hazard events. Self-hosted pipeline is the only architecture that guarantees sub-minute trigger time.

CYBER_INCIDENT_GOV — 72 hours — CIRCIA mandatory reporting for critical infrastructure entities. Postgres audit trail proves the 72-hour clock was met.

NEPA_ENVIRONMENTAL_VIOLATION — 48 hours — CEQ 40 CFR §1506.3. Agency notification for significant environmental findings.

ADA_TITLE_II_COMPLAINT — 72 hours — ADA Title II. Response acknowledgment required; DOJ complaint risk on failure.

FCC_FIRSTNET_SERVICE_OUTAGE — 2 hours — FCC Part 4. Outage report required within 2 hours for public safety networks.

GRID_STABILITY_THREAT — 15 minutes — NERC CIP-009. E-ISAC notification within 15 minutes.

DATA_BREACH_GOVERNMENT — 72 hours — state data breach law + FISMA. Notification to Authorizing Official and US-CERT.

{"name": "Critical Infrastructure Incident & CISA Alert Pipeline", "nodes": [{"id": "1", "name": "Incident Webhook", "type": "n8n-nodes-base.webhook", "typeVersion": 2, "position": [250, 300], "parameters": {"path": "/civtech-incident", "httpMethod": "POST", "responseMode": "responseNode"}}, {"id": "2", "name": "Classify Incident", "type": "n8n-nodes-base.code", "typeVersion": 2, "position": [470, 300], "parameters": {"jsCode": "const d = $input.first().json;\nconst slaMap = {\n  CISA_CRITICAL_INFRA_INCIDENT: { sla_hours: 1, authority: 'CISA \u00a72209 \u2014 report to CISA within 1 hour', channel: '#critical-infra', escalate: true },\n  WATER_CONTAMINATION_EVENT: { sla_hours: 0.5, authority: 'EPA SDWA \u00a71413 \u2014 30 min notification to primacy agency', channel: '#critical-infra', escalate: true },\n  CYBER_INCIDENT_GOV: { sla_hours: 72, authority: 'CIRCIA \u2014 72h mandatory CISA reporting for critical infrastructure', channel: '#security-incidents', escalate: true },\n  NEPA_ENVIRONMENTAL_VIOLATION: { sla_hours: 48, authority: 'CEQ 40 CFR \u00a71506.3 \u2014 agency notification required', channel: '#regulatory-compliance', escalate: false },\n  ADA_TITLE_II_COMPLAINT: { sla_hours: 72, authority: 'ADA Title II \u2014 72h response acknowledgment, DOJ complaint risk', channel: '#compliance', escalate: false },\n  FCC_FIRSTNET_SERVICE_OUTAGE: { sla_hours: 2, authority: 'FCC Part 4 \u2014 outage report within 2 hours for public safety networks', channel: '#critical-infra', escalate: true },\n  GRID_STABILITY_THREAT: { sla_hours: 0.25, authority: 'NERC CIP-009 \u2014 15 min NERC/E-ISAC notification', channel: '#critical-infra', escalate: true },\n  DATA_BREACH_GOVERNMENT: { sla_hours: 72, authority: 'State data breach law + FISMA \u2014 notification to AO and US-CERT', channel: '#security-incidents', escalate: false }\n};\nconst incident_type = d.incident_type || 'CISA_CRITICAL_INFRA_INCIDENT';\nconst meta = slaMap[incident_type] || slaMap['CISA_CRITICAL_INFRA_INCIDENT'];\nconst deadline = new Date(Date.now() + meta.sla_hours * 3600000).toISOString();\nreturn [{ json: { ...d, incident_type, ...meta, sla_deadline_utc: deadline,\n  slack_msg: `[${incident_type}] ${meta.authority} | SLA: ${meta.sla_hours}h | Deadline: ${deadline}` } }];"}}, {"id": "3", "name": "Log to Postgres", "type": "n8n-nodes-base.postgres", "typeVersion": 2, "position": [690, 300], "parameters": {"operation": "executeQuery", "query": "INSERT INTO civtech_incidents (incident_id, incident_type, sla_hours, authority, sla_deadline_utc, agency_id, reported_by, created_at) VALUES ('{{ $json.incident_id }}', '{{ $json.incident_type }}', {{ $json.sla_hours }}, '{{ $json.authority }}', '{{ $json.sla_deadline_utc }}', '{{ $json.agency_id }}', '{{ $json.reported_by }}', NOW()) ON CONFLICT (incident_id) DO NOTHING;"}}, {"id": "4", "name": "Slack Alert", "type": "n8n-nodes-base.slack", "typeVersion": 2, "position": [910, 200], "parameters": {"operation": "post", "channel": "={{ $json.channel }}", "text": "={{ '\ud83d\udea8 ' + $json.slack_msg }}"}}, {"id": "5", "name": "Email Ops", "type": "n8n-nodes-base.gmail", "typeVersion": 2, "position": [910, 400], "parameters": {"operation": "send", "sendTo": "ops-director@agency.gov", "subject": "={{ '[INCIDENT] ' + $json.incident_type + ' \u2014 SLA: ' + $json.sla_hours + 'h \u2014 Deadline: ' + $json.sla_deadline_utc }}", "message": "={{ '<p><strong>Incident:</strong> ' + $json.incident_type + '</p><p><strong>Authority:</strong> ' + $json.authority + '</p><p><strong>SLA deadline:</strong> ' + $json.sla_deadline_utc + '</p><p><strong>Agency:</strong> ' + $json.agency_id + '</p>' }}"}}], "connections": {"Incident Webhook": {"main": [[{"node": "Classify Incident", "type": "main", "index": 0}]]}, "Classify Incident": {"main": [[{"node": "Log to Postgres", "type": "main", "index": 0}]]}, "Log to Postgres": {"main": [[{"node": "Slack Alert", "type": "main", "index": 0}], [{"node": "Email Ops", "type": "main", "index": 0}]]}}}

5. Weekly CivTech Platform KPI Dashboard

Monday 8AM: queries Postgres for platform metrics and open incident counts, emails the CTO and operations lead with a compliance flag summary. CISO BCC. KPI line: [CISA ALERT OPEN] | [ADA COMPLAINT OPEN] | [NEPA VIOLATION OPEN] | [OVERDUE INCIDENTS].

{"name": "Weekly CivTech Platform KPI Dashboard", "nodes": [{"id": "1", "name": "Monday 8AM", "type": "n8n-nodes-base.scheduleTrigger", "typeVersion": 1, "position": [250, 300], "parameters": {"rule": {"interval": [{"field": "cronExpression", "expression": "0 8 * * 1"}]}}}, {"id": "2", "name": "Platform Metrics", "type": "n8n-nodes-base.postgres", "typeVersion": 2, "position": [470, 300], "parameters": {"operation": "executeQuery", "query": "SELECT COUNT(DISTINCT agency_id) AS active_agencies, AVG(compliance_score) AS avg_compliance_score, SUM(CASE WHEN platform_status='ACTIVE' THEN mrr ELSE 0 END) AS weekly_mrr FROM civtech_accounts WHERE last_active_at > NOW() - INTERVAL '7 days';"}}, {"id": "3", "name": "Incident Metrics", "type": "n8n-nodes-base.postgres", "typeVersion": 2, "position": [470, 500], "parameters": {"operation": "executeQuery", "query": "SELECT COUNT(*) FILTER (WHERE incident_type LIKE 'CISA%' AND resolved_at IS NULL) AS open_cisa_alerts, COUNT(*) FILTER (WHERE incident_type = 'ADA_TITLE_II_COMPLAINT' AND resolved_at IS NULL) AS open_ada_complaints, COUNT(*) FILTER (WHERE incident_type = 'NEPA_ENVIRONMENTAL_VIOLATION' AND resolved_at IS NULL) AS nepa_violations_open, COUNT(*) FILTER (WHERE sla_deadline_utc < NOW() AND resolved_at IS NULL) AS overdue_incidents FROM civtech_incidents WHERE created_at > NOW() - INTERVAL '7 days';"}}, {"id": "4", "name": "Merge Metrics", "type": "n8n-nodes-base.merge", "typeVersion": 3, "position": [690, 400], "parameters": {"mode": "combine", "combinationMode": "mergeByPosition"}}, {"id": "5", "name": "Build Report", "type": "n8n-nodes-base.code", "typeVersion": 2, "position": [910, 400], "parameters": {"jsCode": "const p = $input.first().json;\nconst flags = [];\nif (p.open_cisa_alerts > 0) flags.push(`[CISA ALERT OPEN: ${p.open_cisa_alerts}]`);\nif (p.open_ada_complaints > 0) flags.push(`[ADA COMPLAINT OPEN: ${p.open_ada_complaints}]`);\nif (p.nepa_violations_open > 0) flags.push(`[NEPA VIOLATION OPEN: ${p.nepa_violations_open}]`);\nif (p.overdue_incidents > 0) flags.push(`[OVERDUE INCIDENTS: ${p.overdue_incidents}]`);\nconst flagLine = flags.length ? flags.join(' | ') : 'NO OPEN FLAGS';\nconst html = `<h2>CivTech Weekly Platform Report</h2>\n<table border=1 cellpadding=6><tr><th>Metric</th><th>Value</th></tr>\n<tr><td>Active agencies</td><td>${p.active_agencies}</td></tr>\n<tr><td>Avg compliance score</td><td>${parseFloat(p.avg_compliance_score||0).toFixed(1)}</td></tr>\n<tr><td>Weekly MRR</td><td>$${parseFloat(p.weekly_mrr||0).toFixed(0)}</td></tr>\n<tr><td>Open CISA alerts</td><td>${p.open_cisa_alerts||0}</td></tr>\n<tr><td>Open ADA complaints</td><td>${p.open_ada_complaints||0}</td></tr>\n<tr><td>NEPA violations open</td><td>${p.nepa_violations_open||0}</td></tr>\n<tr><td>Overdue incidents</td><td>${p.overdue_incidents||0}</td></tr>\n</table><p><strong>Flags:</strong> ${flagLine}</p>`;\nreturn [{ json: { ...p, flagLine, html_report: html,\n  slack_summary: `CivTech weekly: ${p.active_agencies} agencies | ${flagLine}` } }];"}}, {"id": "6", "name": "Email CTO", "type": "n8n-nodes-base.gmail", "typeVersion": 2, "position": [1130, 300], "parameters": {"operation": "send", "sendTo": "cto@civtech-vendor.com", "subject": "CivTech Weekly Platform Report \u2014 {{ $now.format('yyyy-MM-dd') }}", "message": "={{ $json.html_report }}", "additionalFields": {"bccList": "ciso@civtech-vendor.com"}}}, {"id": "7", "name": "Slack Summary", "type": "n8n-nodes-base.slack", "typeVersion": 2, "position": [1130, 500], "parameters": {"operation": "post", "channel": "#management", "text": "={{ $json.slack_summary }}"}}], "connections": {"Monday 8AM": {"main": [[{"node": "Platform Metrics", "type": "main", "index": 0}], [{"node": "Incident Metrics", "type": "main", "index": 0}]]}, "Platform Metrics": {"main": [[{"node": "Merge Metrics", "type": "main", "index": 0}]]}, "Incident Metrics": {"main": [[{"node": "Merge Metrics", "type": "main", "index": 1}]]}, "Merge Metrics": {"main": [[{"node": "Build Report", "type": "main", "index": 0}]]}, "Build Report": {"main": [[{"node": "Email CTO", "type": "main", "index": 0}], [{"node": "Slack Summary", "type": "main", "index": 0}]]}}}

Why CivTech SaaS vendors self-host n8n

Regulatory driver	Self-hosting argument
CISA Critical Infrastructure monitoring	Cloud routing of infrastructure telemetry through non-US-controlled SaaS creates potential CISA §201 foreign access reporting exposure. Self-hosted n8n keeps infrastructure event data in your designated authorized boundary.
NEPA administrative record integrity	NEPA records must survive judicial review under 5 USC §706. Cloud automation adds sub-processor links not in the administrative record, creating chain-of-custody questions for opposing counsel.
ADA Title II litigation hold	Government entities are subject to discovery when ADA Title II complaints are filed. Records in third-party cloud require legal process for production — delay, cost, and appearance of evasion. Self-hosted records are in your control.
FCC FirstNet data sovereignty	FirstNet network data contains public safety communications metadata. DHS and FirstNet authority policy restricts routing of FirstNet metadata through non-authorized cloud systems.
FISMA ATO boundary	Cloud-based automation tools that process government system data may expand the FISMA Authorization boundary. Self-hosted n8n deployed inside the existing ATO boundary avoids scope creep.

Buyer Q&A

Q: Does n8n process our NEPA administrative records directly?
No. n8n orchestrates the submission triggers, review clocks, and notification routing. NEPA records stay in your agency's document management system (EDMS, SharePoint, or Documentum). n8n triggers based on milestone status read from your system — it does not store the documents.

Q: Can n8n handle ADA Title II paratransit compliance workflows alongside our legacy scheduling system?
Yes. The HTTP Request node connects to any REST or SOAP endpoint. Paratransit scheduling data stays in your on-premise system; n8n reads status and triggers notification workflows based on compliance windows you define.

Q: How does FCC FirstNet data sovereignty work with self-hosted n8n?
Deploy n8n inside your agency's FirstNet tenant or on-premise in your authorized network boundary. All FirstNet metadata and usage data remains within your authorized perimeter. No external cloud service processes the data.

Q: We need CISA mandatory reporting under CIRCIA — can n8n prove the 72-hour clock was met?
Yes. The incident pipeline logs every trigger to Postgres with a created_at timestamp and sla_deadline_utc field. This provides an immutable, auditable record that the CISA report was initiated within the statutory window — the exact audit trail a CISA inspector would ask for.

Q: Our FISMA ATO is already scope-constrained — does adding n8n expand the boundary?
Only if n8n processes in-scope data outside the existing boundary. Deployed inside the ATO boundary (same network segment as your existing authorized systems), n8n does not expand scope. Cloud-hosted automation tools are a different story — they create a new external system boundary that requires a separate ATO assessment.

All five workflows are available as import-ready JSON at stripeai.gumroad.com — the FlowKit n8n automation template library. The bundle includes 14 vertical-specific workflow packs for compliance-heavy SaaS vendors.