We put the IT in city®

IT in a Box: Policy and Compliance

We help you adopt best practices and policies that address information security risks and assist with audits. By making sure your staff is knowledgeable and prepared, we help your city comply with the law and lessen your risk of falling victim to the latest external and internal threats.

Federal, state, and local laws, policies, and ordinances require that you protect and secure specific information such as

  • Tax information
  • Public safety information
  • Payment information
  • Personnel information
  • Records eligible for open records and FOIA requests

How are you securing this information? Are you in compliance with the law?

IT in a Box helps you comply in multiple ways.


Arkansas Municipal League
Call (501) 978-6106
Georgia Municipal Association
Call (678) 686-6213
Kentucky League of Cities
Call (800) 876-4552

Trusted.  
AML's, GMA's, and KLC's technology solution for Arkansas, Georgia, and Kentucky cities.

Tailored.
Comprehensive technology products and services -- from a new website to data backup -- tailored to the unique needs of cities.

Affordable.
Priced for cities -- from the smallest to the largest -- with a predictable, flat monthly fee. 


To proactively identify vulnerabilities, we help cities set policies around:

  • Applications and systems
  • Passwords
  • Vendor access
  • Network access
  • Wireless access
  • Physical access
  • User access

Clarifying policies around these areas helps you identify gaps in your security that are vulnerable to cyberattack and gives you the documentation to effectively enforce compliance and best practices.


Let’s say a cyberattack or another serious incident occurs. Now what? This is usually where cities often make critical mistakes related to compliance. Our municipal-experienced senior IT engineers remain calm in a crisis and guide your city through a proper incident response plan that keeps you in compliance with the law.

We can handle incidents such as:

  • A virus or ransomware infection
  • An email security issue
  • An open records request issue
  • A video archiving issue

Is your city getting audited for security or compliance reasons? No problem. We help cities prepare for auditors by ensuring that you meet specific security and compliance requirements related to technology. You should feel no need to worry about auditors because of technology. During the audit, we are right there with you as part of your team to make the process smooth and eliminate your anxiety.

  • Arkansas Legislative Audit: For Arkansas, Sophicity works with cities that must comply with Legislative Audit. We’ve created policies and procedures designed to meet the specific demands of Arkansas state auditors.
  • Criminal Justice Information Services (CJIS): Our familiarity with CJIS standards and compliance helps us assist public safety departments in cities from any state.
  • Georgia Crime Information Center (GCIC): The Georgia Bureau of Investigation (GBI) requires Georgia cities to submit network diagrams and other requirements for their audits. We can help with this process through our GCIC-trained engineers.
  • Arkansas Crime Information Center (ACIC): We can help Arkansas cities with ACIC compliance.
  • Alabama Law Enforcement Agency (ALEA): We can help Alabama cities with ALEA compliance.

Technology-related policies and compliance can be a tough area to learn and difficult to keep up-to-date—especially when considering how fast the technology world evolves. We help your city staff learn about technology-related security and compliance policies, the ins and outs of enforcing those policies, and the reasons these policies are so important. We can train elected officials as well as city staff.