Evaluating IT governance in IoT-Integrated supply chains: Risks, control mechanisms, and audit challenges

The rapid integration of Internet of Things (IoT) technologies into supply chain ecosystems has transformed traditional logistics, inventory management, procurement, and operational monitoring processes. IoT-enabled supply chains provide real-time visibility, automation, predictive analytics, and enhanced decision-making capabilities. However, the increasing dependency on interconnected devices, cloud platforms, and data-driven infrastructures has introduced substantial governance, security, compliance, and audit-related challenges. This paper evaluates the role of Information Technology (IT) governance in IoT-integrated supply chains by examining associated risks, governance frameworks, control mechanisms, and auditing complexities. The study explores critical cybersecurity vulnerabilities, data privacy issues, operational disruptions, interoperability concerns, and regulatory compliance challenges. Furthermore, it investigates the applicability of governance frameworks such as COBIT, ISO/IEC 27,001, and NIST Cybersecurity Framework in securing IoT-enabled supply chain systems. The paper also discusses audit challenges related to real-time monitoring, distributed architectures, continuous data generation, and third-party dependencies. Finally, recommendations for strengthening governance structures, improving control environments, and enhancing audit readiness are presented. The findings contribute to the growing body of knowledge on Industry 4.0 governance and provide valuable insights for researchers, auditors, policymakers, and organizations implementing IoT-based supply chain systems.