The rapid digitization of urban environments through technologies such as the Internet of Things (IoT), cloud computing, and big data analytics has significantly transformed modern cities into smart cities. However, this transformation has raised critical concerns regarding the security and privacy of citizen data. Prior studies have explored various IT governance models, yet there remains a gap in their contextual application to the dynamic and complex nature of smart cities. This research addresses that gap by examining the strategic role of Information Technology (IT) governance in enhancing data security and privacy in smart city initiatives. Through a literature review and analysis of case studies, this study identifies key IT governance frameworks and best practices, and adapts them to the unique operational, regulatory, and infrastructural demands of smart cities. The findings reveal that aligning IT governance with institutional policies, risk management, and legal compliance significantly strengthens urban digital resilience. Moreover, the incorporation of real-time monitoring systems, encryption protocols, and structured incident response plans is found to be effective in mitigating cyber threats. The novelty of this study lies in its integrated model that combines governance principles with smart city-specific risk contexts, offering a strategic roadmap for policymakers. This research contributes to the development of adaptive governance strategies that not only ensure compliance and security but also build public trust in digital urban services. Limitations of the study include the reliance on secondary data and the need for empirical validation, which will be addressed in future research through pilot implementations and stakeholder engagement.
Wijaya et al. (Fri,) studied this question.