Risk management in sustainable smart cities governance: A TOE framework

Abstract Sustainable smart cities are confronted by technological, organisational and external risks, making their governance difficult and susceptible to manipulation. Based on a comprehensive literature review of 796 systematically retrieved articles, the current study proposes a multilayered technology-organisation-environment (TOE-based) risk management framework for sustainable smart city governance. A total of 56 risks are identified and grouped into TOE categories. There are 17 technological risks, including IoT networks, public internet management and user safety concerns, with a 38.7% contribution to smart city governance risks. With a 15.6% share, there are 11 organisational risks, including user data security and cloud management. There are 28 external risks with a contribution of 46.7% to the smart city governance and consist of smart city's environment, governance, integration and security risks. A multilayered TOE-based risk management framework is proposed to identify and manage the risks associated with smart city governance in the current study. The framework links smart citizens to each other through the smart city governance team and the integrated TOE layers. The iterative risk management process of identification, analysis, evaluation, monitoring and response planning is carried out in the TOE layers, both at the external layer levels and internal management levels. The proposed framework operationalises the risk management process for smart city governance by presenting the collection of pertinent risks and their thematic TOE categorisation. The criticality of the identified risks in line with the study's rankings can help researchers and practitioners understand the top risks of smart city governance. These risks present investment opportunities for city governance bodies to develop critical and effective responses as well as provide safety, security and enhanced privacy for citizens.