The evolution and trends in IT governance research: A bibliometric

analysis
Haikal Zahiruddin

Full-time Temporary Lecturer, Faculty of Computer and Mathematical Sciences, Universiti Teknologi
MARA Kelantan, Bukit Ilmu, Machang, Kelantan, Malaysia. E-mail: [email protected]

Adi Wijaya *

*Corresponding author, Senior Lecturer, Department of Health Information Management, Universitas

Indonesia Maju, Jakarta, Indonesia. E-mail: [email protected]

Abstract
Information technology (IT) governance has become a crucial area of study because of the
growing corpus of research in the area. This study aims to conduct both a literature review
and bibliometric analysis focusing on three specific research questions: (RQ1) examining the
trends in publications and citations, (RQ2) recognizing the most impactful countries, journals,
and authors, and (RQ3) investigating popular research areas and trending topics in IT
governance. Data surrounding IT governance research were obtained through the Scopus
database, with a total of 1,510 documents published from 1995 to February 2023. The
extracted documents were analysed using Harzing’s Publish or Perish, VOSviewer, and
Bibliometrics sub-tool Biblioshiny software. Publications have continued to rise since 2004
when the United States has had the greatest influence over IT governance publication and
research collaboration, while Indonesia is the most prolific. Primary sources on IT governance
research were taken from conference proceedings related to IT topics. As for authors, Pereira
R from Portugal is at the top of the list while Van Grembergen W from Belgium is the most
influential. This study is the first to identify and propose themes and current hotspots in IT
governance research which serves as a guide for future researchers and professionals.
Keywords: Information technology governance, Scopus, Harzing’s Publish or Perish,
VOSviewer, Bibliometrics

Journal of Information Technology Management, 2024, Vol. 16, Issue 2, pp. 112-131 Received: April 04, 2023
Published by the University of Tehran, College of Management Received in revised form: August 28, 2023
doi: https://doi.org/ 10.22059/JITM.2023.357779.3315 Accepted: September 13, 2023
Article Type: Research Paper Published online: April 30, 2024
© Authors
113 Journal of Information Technology Management, 2024, Vol. 16, Issue 2,

Introduction
Information technology (IT) governance is a set of processes, policies, and controls that
businesses use to align their IT systems with business goals, secure them, comply with legal
and regulatory requirements, and effectively manage and monitor them (Selig & Wilkinson,
2008). IT governance is also linked to corporate governance (Abu-Musa, 2005). Board roles,
board composition, board characteristics, board organizational structure, and board
organizational processes to design, implement, and monitor business strategy are all issues of
corporate governance (Korac-Kakabadse & Kakabadse, 2001). The concept pertains to
processes and systems for formulating and managing strategic IT decisions, along with the
distribution of IT decision-making authority and responsibilities among various
organizational stakeholders. (Peterson, 2004). The COBIT, IT infrastructure library (ITIL),
and ISO/IEC 38500 frameworks include principles, processes, and best practices for
managing IT resources and supporting the organization's strategic goals (ISCA, 2021).

IT governance is a multidimensional topic and has emerged as an important area of

study as the body of literature in this field is expanding quickly (Priyadarsini & Kumar,
2022). To date, there are only a few bibliometric analyses (Mumu et al., 2021, 2022; Effah,
2022; Pahlevi, 2022; Ellili, 2023) and systematic reviews (Mece et al., 2020; Nyakurukwa &
Seetharam, 2022) related to corporate governance. With only one bibliometric analysis paper
focusing on IT governance published in 2016 (Cunha & Froger, 2016). The bibliometric study
was performed between 2003-2013 using Brazilian and international databases, with the
addition of searches in digital libraries and sites of the main publisher (Cunha & Froger,
2016). As such, there is a deep need to conduct a bibliometric analysis for IT governance
using comprehensive databases like Scopus’ (Zhu & Liu, 2020; Pranckute, 2021). This
review paper aims to extensively investigate IT governance by utilizing both established
bibliometric techniques. There are three research questions: (RQ 1) to look at publication and
citation trends, (RQ 2) to identify the most influential countries, journals, and authors, and
(RQ 3) to explore research hotspots and trending topics for IT governance search.

Methodology

The data for this study were retrieved and downloaded from Scopus’ database on February
16, 2023. The search terms used are "information technology governance” OR “it
governance" OR "information and communication technology governance" OR ”ict
governance" OR cobit OR itil OR ”ISO 17799" OR ”ISO 38500" in the article title. All
English-language documents from 1992 to January 16, 2023, were included, including
primary study documents i.e., articles and conference proceedings published in the English
language. Journal articles and conference proceedings are both useful for scientific objectives,
however in certain disciplines, the former is regarded as a more formal and less transient
research output (González-Albo & Bordons, 2011). In the end, 1510 documents of which 994
A Socio-economic Analysis of the Online Gambling 114

were proceedings and 516 were original articles met the criteria and were downloaded for
further analyses (Figure 1).

Figure 1
PRISMA flowchart on the search strategy.

Topic ITG

Database: Scopus
Topic, Scope & Eligibility

Scope & Coverage Search Field: Title

Time Frame: 1992-present
Language: All

(TITLE ( "information technology

governance" OR "it
Keywords & Search governance" ) OR TITLE ( "information and
String communication technology governance" OR "ict
governance" ) OR TITLE ( cobit OR itil OR "ISO
17799" OR "ISO 38500" ) )

Date Extracted 13th February 2023

Screening

Record Identified & n = 1798

Screened

Refine 1: Language: English

Record Filtered
Refine 2: Document type: article and conference paper
Included

Record Included for

n = 1510
Bibliometric Analysis

Harzing’s Publish or Perish software (Harzing, 2007) was used for citation analysis
while the Bibliometrics sub-tool Biblioshiny (Aria & Cuccurullo, 2017) and VOSviewer (Van
Eck & Watman, 2020) were used for performance and science mapping analysis to answer all
the three research questions.
115 Journal of Information Technology Management, 2024, Vol. 16, Issue 2,

Results

Annual Publications and Citations trends (RQ 1)

In 1995, only three documents were published with 9 citations. Between 1996 and 1998, no
documents were published. Starting in 2004, the number began to consistently rise into
double digits, reaching its peak in 2011, 2014, and 2018, with a decline in publications during
the intervals between these years. As illustrated in Figure 2, a total of 131 documents were
published in 2018, the highest annual publications on IT governance so far. The number of
citations reached its peak in 2010, aligning with the upward trend in publications.

Figure 2
Annual publication and citations.

1600 140

1400 120

1200
100
1000
80
800
60
600
40
400

200 20

0 0
2001
1995
1999
2000

2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023

TP TC

Most Influential Countries (RQ 2)

Indonesia ranked first in the total number of publications with 253 documents followed by the
United States, Australia, and Germany. The data was then analysed to determine which
countries had the greatest number of citations. The United States was the topmost in the list
with 4,595 total citations and 172 scientific productions, followed by Belgium, Germany, and
Indonesia (Table 1).
A Socio-economic Analysis of the Online Gambling 116

Table 1
Top 10 most productive countries.
Country TP NCP TC C/P C/CP h g
Indonesia 253 189 1028 4.06 5.44 12 21
United States 172 143 4595 26.72 32.13 32 65
Australia 108 85 2140 19.81 25.18 21 44
Germany 97 78 1045 10.77 13.40 16 28
Malaysia 76 60 646 8.50 10.77 13 21
Brazil 69 52 384 5.57 7.38 9 17
China 68 45 476 7.00 10.58 10 20
Portugal 59 50 486 8.24 9.72 12 18
Belgium 50 42 1086 21.72 25.86 13 32
Spain 46 37 330 7.17 8.92 9 16
Notes: TP - total number of publications; NCP - number of cited publications; TC - total citations; C/P
- average citations per publication; C/CP - average citations per cited publication; h - h-index; and g -
g-index.

However, in terms of corresponding author’s country, the United States had the most
corresponding authors with 14 multiple-country publishing (MCP) documents and 64 single-
country publication (SCP) documents, followed by Indonesia with 7 MCP documents and 65
SCP documents, and China 5 MCP documents and 65 SCP documents (Figure 3).

Figure 3
Corresponding author’s countries
117 Journal of Information Technology Management, 2024, Vol. 16, Issue 2,

Most Relevant Sources (RQ 2)

The most relevant sources were analysed, which reveals that the top three sources were
proceedings. Among the journals, the Journal of Theoretical, and Applied Information
Technology (Islamabad, Pakistan) ranked fifth with a total of 24 documents, followed by
Information Systems Management (Taylor & Francis) ranked eighth with a total of 22
documents (Table 2).

Table 2
Top 10 publishing sources on IT governance research.

Source TP NCP TC C/P C/CP h g

Proceedings Of the Annual Hawaii International
67 61 1398 20.87 22.92 19 35
Conference on System Sciences
ACM International Conference Proceeding Series 31 22 88 2.84 4.00 5 7

Journal of Physics Conference Series 27 19 45 1.67 2.37 4 5

Lecture Notes in Business Information Processing 26 18 101 3.88 5.61 5 8

Journal of Theoretical and Applied Information
24 19 132 5.50 6.95 8 10
Technology
Lecture Notes in Computer Science Including Subseries
Lecture Notes in Artificial Intelligence and Lecture Notes 24 18 123 5.13 6.83 6 10
in Bioinformatics
Communications in Computer and Information Science 23 18 93 4.04 5.17 6 8

Information Systems Management 22 21 1344 61.09 64.00 13 22

Procedia Computer Science 14 13 217 15.50 16.69 8 14

Advances in Intelligent Systems and Computing 13 11 31 2.38 2.82 4 4

Notes: TP - total number of publications; NCP - number of cited publications; TC - total citations; C/P
- average citations per publication; C/CP - average citations per cited publication; h - h-index; and g -
g-index.

Most Relevant Authors and Authors Collaboration (RQ 2)

Pereira R published the highest number of documents (22 documents) followed by De Haes,
S. (21 documents), Da Silva, M.M. (19 documents), and Van Grembergen, W. (18
documents) (Table 3). Among the top authors, Van Grembergen, W. is the most impactful
author (h-index of 10).
A Socio-economic Analysis of the Online Gambling 118

Table 3
Top 10 most productive authors, institutions, and countries

Author Name Affiliation TP NCP TC C/P C/CP h g

Iscte – Instituto Universitário de Lisboa,
Pereira, R. Department of Information Science and 22 21 225 10.23 10.71 9 14
Technology, Lisbon, Portugal
Antwerp Management School, Antwerpen,
De Haes, S. 21 19 614 29.24 32.32 9 21
Belgium
Da Silva, M.M. Instituto Superior Técnico, Lisbon, Portugal 19 16 205 10.79 12.81 9 14
Van Antwerp Management School, Antwerpen,
Grembergen, BelgiumUniversiteit Antwerpen, Antwerpen, 18 17 983 54.61 57.82 10 18
W. Belgium
Stockholms universitet, Department of
Rusu, L. Computer Science and Information Systems, 16 13 244 15.25 18.77 7 15
Stockholm, Sweden
The University of Queensland Business
Green, P. 14 13 424 30.29 32.62 9 14
School, Brisbane, Australia
Kosasi, S. STMIK Pontianak, Indonesia 14 10 35 2.50 3.50 4 5
Universidade Federal de Sergipe, Sao
Almeida, R. 13 13 100 7.69 7.69 6 9
Cristovao, Brazil
Santu Petrus Junior High School, Pontianak,
Vedyanto 13 10 35 2.69 3.50 4 5
Indonesia
Al Farabi Kazakh National University,
Bianchi, I.S. 12 11 99 8.25 9.00 5 9
Almaty, Kazakhstan
Notes: TP - total number of publications; NCP - number of cited publications; TC - total citations; C/P
- average citations per publication; C/CP - average citations per cited publication; h - h-index; and g -
g-index.

The co-authorship authors' network publishing on IT governance from 1995 to 2023

resulted in 2,771 authors. To avoid including insignificant contributions in the network map,
we excluded publications with more than 25 co-authors. Figure 4a shows the collaboration
linkages between the authors as lines and the clusters of collaboration as 21 different colors.
In Figure 4a, a total of 83 authors met a threshold of at least 5 published articles per author.
However, Figure 4b illustrates that only 12 authors from various clusters were visually
connected. Although all the top 10 authors listed in Table 3 belong to different clusters, close
and strong interconnections among them suggest a considerably strong research link relating
to IT governance topics. For example, Pereira, R., De Haes, S., Da Silva, M.M., Van
Grembergen, W., Almeida, R., and Bianchi, I.S. were strongly linked together as shown in
Figure 4b.
119 Journal of Information Technology Management, 2024, Vol. 16, Issue 2,

Figure 4 a)
Co-authorship author’s network

Figure 4 b)
Close-up view of the connected authors. Fractional counting with five as a minimum number
of documents of an author. 83 out of 2771 authors met the threshold.
A Socio-economic Analysis of the Online Gambling 120

Most Frequent Keywords and Trending Topics (RQ 3)

The analysis of the co-occurrence of author keywords was done for the years 1995 to 2023,
with a threshold set for at least 5 keyword occurrences. The main search terms i.e., “it
governance”, “it” and “governance” keywords were excluded in this analysis. Out of 2543
keywords, 135 keywords spread in four clusters (IT management, ITIL, business-IT-
alignment, COBIT) were found through analysis (Figure 5a). The most frequent keywords for
each cluster were summarised in Table 4. "Cobit" has a total count of 244, followed by "itil”
with a total count of 198, “itsm" with a total count of 75, and "frameworks" with a total count
of 39 was the top keywords occurrence.

The overlay visualization in this study expands upon the visualization presented in
Figure 5a, providing a broader perspective on the evolution of IT governance research, as
demonstrated in Figure 5b. The keywords in this map with a purple-dark green color range
represent IT governance-related research activities with an older average publication year,
whereas the keywords in this map with a yellow color range reveal keywords used in a more
recent average publishing year. It can be seen from Figure 5b that older keywords such as
“compliance”, “knowledge management”, “australia”, “it organization”, “iso/iec 20000”, “it
outsourcing”, and “modelling”. The research on IT governance during this period was
somewhat foundational. IT governance research evolved to include keywords such as
“universities”, “firm performance”, “capability level/it capabilities”, “digital transformation”,
“ambidexterity”, “smart city”, “cybersecurity”, “agile”, and “cobit 5 for risk” in recent years
(Figure 5b).
Figure 5 a)
Co-occurrence of author’s keywords

IT management COBIT

Business-IT-
alignment

IT infrastructure library (ITIL)

121 Journal of Information Technology Management, 2024, Vol. 16, Issue 2,

Figure 5 b)
Overlay visualization of author’s keywords. Full counting with five as a minimum number of
occurrences of a keyword. 137 out of 2545 authors’ keywords met the threshold. Minimum size of a
cluster: 15 keywords

Table 4
Co-occurrence of author keywords in IT governance.
Cluster 1 (red) Cluster 2 (green) Cluster 3 (blue) Cluster 4 (yellow)
IT management (31) ITIL (198) Case studies (36) Cobit (244)
Business-it-alignment
Risk management (28) ITSM (75) Maturity levels (27)
(33)
Corporate governance
Frameworks (39) Public sector (27) ISO 38500 (20)
(26)
Strategic alignment (23) Universities (32) SMEs (15)
Processes (24)
Information security (22)
Information system (20)
IT governance
Compliance (19)
mechanisms (18)
Enterprise architecture
Service management (18)
(16)
Board of directors (15) Decision making (15)
Incident management
Cloud computing (15)
(15)
Implementation (15)
Notes: The keyword occurrence is shown by the numbers in brackets.
A Socio-economic Analysis of the Online Gambling 122

An analysis of the data was performed to extract the trending topics from the author’s
keywords in the last decade (2013-2023). Interestingly, similar keywords were noted in this
analysis. "It capabilities", “cobit 2019”, “performance”, “higher education institutions”,
“cybersecurity", “firm performance”, “iso 38500”, “smart city”, “digital transformation” and
“agile” were among the recent trending topics (Figure 6) matched the newer keywords seen in
Figure 5b.

Figure 6
Trending topics extracted from author’s keywords in the last decade (2013-2023)

Discussion

Bibliometric analysis has gained popularity as a valuable tool for uncovering trends and
patterns in research studies (Mohamed Ariffin et al., 2023). By categorizing publications
based on factors such as year, author, source, or country, researchers can discern patterns in
the studies. This approach allows for the evaluation of publication performance and impact, as
well as the potential for making predictions using metrics like the number of citations,
citations per publication, the h-index, and the g-index (Qaid et al., 2021; Song & Cao, 2022).
Furthermore, by considering various indicators such as co-authorship, co-citation, keyword
co-occurrence, and bibliographic coupling, the current landscape of publications can be
mapped and visualized to provide an overview of the state of the field (Zakaria et al., 2021).
123 Journal of Information Technology Management, 2024, Vol. 16, Issue 2,

From the retrieved data, a total of 1,510 documents, of which 745 were research articles
and 28 were review articles were found. Our records extend back to 1995, and in that year
only one document was published. However, between 1996 and 1998, no documents were
published. From 2004 onwards the number of publications has increased to two-digit and
steadily increased over time. In 2018, a total of 131 documents were published, and it was the
highest number of publications per year recorded so far. The number of citations was peaked
in 2010 could be due to a surge in the publication of highly impactful research papers in the
field as observed between 2004 to 2010 (Weill & Ross, 2005; Tanriverdi, 2006; De Haes &
Van Grembergen, 2009; Khatri & Brown, 2010; Spears & Bakri, 2010). The lower number of
citations for recently published documents could be due to the short time for the publications
to be recognized and cited.

Indonesia ranked first in the total number of publications followed by the United States.
This trend could be explained by a sharp rise in conferences held locally in Indonesia rather
than improving database coverage (Purnell, 2021). However, the United States is the topmost
country in terms of total citations with 4595 citations. Similarly, in terms of the corresponding
author’s country, the United States ranked first with 19 MCP papers and 78 SCP documents,
followed by Indonesia with 7 MCP and 65 SCP documents. It is highly understandable why
the United States has the most citations and the corresponding author’s country. The United
States has been known to produce a high number of publications in every field of knowledge
(Zakaria et al., 2021, 2022) and is the significant driving force behind the financial major
scandals that occurred which would result in specific rules and legislation directly related to
the area of IT governance (Dnes, 2005; Clauss et al., 2009; Ceil, 2019; Zamry & Syafinaz,
2019; Cakali, 2022).

The top sources for publishing IT governance research were found to be conference
proceedings. Conference proceedings have been identified as a key part of communicating
research findings in the field of computer science (Bar-Ilan, 2010, 2018). This is because
conference proceedings are increasingly being indexed by major databases, and scientists may
have found it advantageous to publish conference papers because they were quicker and easier
to publish than journal articles or book chapters (Purnell, 2021). However, citations are
directly influenced by coverage (Bar-Ilan, 2018). The number of citations per paper on
average provides the most accurate comparison. Here, the situation is less obvious because,
when it comes to proceedings papers, Proceedings of the Annual Hawaii International
Conference on System Sciences has a C/P of 20.87, higher than some journals listed in Table
2 like the Journal of Theoretical and Applied Information Technology and Procedia Computer
Science.
A Socio-economic Analysis of the Online Gambling 124

Van Grembergen W is the most influential author with a total of 983 citations, followed
by De Haes S with a total of 614 citations, although Pereira R has slightly more documents.
Both authors came from the same institution in Belgium, and they co-authored the same
documents (De Haes et al., 2013a & b; Rowlands et al., 2014; De Haes & Van Grembergen,
2006, 2008a, 2008b & 2012; Joshi et al., 2018) especially the highly cited documents (De
Haes & Van Grembergen, 2009; De Haes et al., 2013b). Some of the listed top authors are
strongly linked together suggesting international research collaboration among them.

The keyword “cobit” has been used the most frequently in the scientific literature
related to "it governance" since 1995, with 244 occurrences, followed by “itil" with 198
occurrences, "itsm" with 75 occurrences and “framework” with 39 occurrences. According to
Hardy (2006), there is a significant relationship between IT governance issued by the IT
Governance Institute and the COBIT (Control Objectives for Information Technology-
Related) framework. This is because COBIT provides generic guidelines that an organization
may use to (1) gather and process information about the organisation under control, (2)
monitor the attainment of organizational goals, (3) monitor performance within each IT
process, and (3) benchmark organizational achievement.

The most recent trending topics identified from the author’s keywords include "it
capabilities", “cobit 2019”, “performance”, “higher education institutions”, “cybersecurity”,
“firm performance”, “iso 38500”, “smart city”, “digital transformation” and “agile”. Both
“cobit 2019” and “iso 38500” are the frameworks for IT governance and IT management
(Visitsilp & Bhumpenpein, 2021) applied in public and private organizations including higher
education institutions (Gerl et al., 2021; Lompoliu et al., 2022). However, higher education
institutions and other organizations are still struggling to divide IT governance and IT
management duties (Juiz et al., 2022). The most often reported challenges when
implementing IT governance in higher education institutions include resistance to change and
communication issues among parties, budget constraints, lack of knowledge/training for IT
governance principles, and lack of vision for IT. The most often reported benefits include IT
governance improves service quality, customer satisfaction, and IT planning and management
alignment with university and company goals (Meçe et al., 2020). Tjong et al. (2017) largely
agree that IT governance enhances performance and compliance, and IT governance benefits
are similar for industry and higher education institutions.

The impact of digital technologies on our society is enormous, giving rise to various
definitions. For example, "a process that aims to improve an entity by triggering significant
changes to its properties through combinations of information, computing, communication,
and connectivity technologies" (Vial, 2021) or "the continuously increasing interaction
between digital technologies, business, and society" are some definitions that are frequently
used (Van Veldhoven & Vanthienen, 2023). To quickly convert opportunities into
competitive advantages in light of the profound ways that digital technologies are altering the
125 Journal of Information Technology Management, 2024, Vol. 16, Issue 2,

competitive landscape, good executive sense and awareness are required (Bonnet &
Westerman, 2020). This is now essential since change and opportunity are occurring more
rapidly. Agile solutions in IT governance are crucial for enterprises because digital
transformation has profoundly impacted both their IT environment and organizations
(Mulyana et al., 2021; Van Veldhoven & Vanthienen, 2023).

Since the pandemic, the use of digital technologies such as telecommuting,

videoconferencing, personal devices, and private WiFi networks has had a positive impact on
various organizations in our society (Duan et al., 2023; Singh et al., 2023). However, this
change has led to an increase in cybercriminals (Cremer et al., 2022). Businesses and
organizations must adopt a proactive and comprehensive approach to cybersecurity as the
volume and complexity of cyberattacks increase to protect sensitive corporate and employee
data, especially those charged with the responsibility of protecting information related to
health, national security, and financial records, among other things (Thomas & Sule, 2022).
An earlier study by Garcia-Perez et al. (2021) found that the organization board’s view of a
change in their cybersecurity risk climate significantly correlated with cybersecurity
management capability development and investment patterns. The authors also discovered a
favorable association between critical infrastructure organizations' cybersecurity training and
their cybersecurity investment, notably in intellectual capital creation (Garcia-Perez et al.,
2021). In another study, the authors found that each cybersecurity capability can be
operationalized by a set of cybersecurity controls from various frameworks, standards,
and guidelines, for example, COBIT, CIS, ISA/IEC 62443, ISO/IEC 27002 and NIST Special
Publication 800-53 (Malatji et al., 2022).

In tandem with the digital transformation, the notion of "smart cities" leverages network
technology to drive urban development, with cities playing an increasingly prominent role in
fostering innovation across various domains, such as business, healthcare, inclusivity, and
environmental sustainability (Kroes, 2010; Connolly et al., 2017). Apart from the positive
impact of the smart cities concept, proper implementation of IT governance seems to be a
difficult task given the possibility of irresponsible, careless, and malicious use of the data,
which could have several (un)wanted side effects, including violations of legal requirements,
human rights, ethical standards, and privacy and security standards (Choenni et al., 2022;
Kvalvik et al., 2022).

Conclusion

The number of publications on IT governance has steadily increased over the years since
2004. Indonesia is the most productive country while the United States has been the most
impactful country with IT governance publication and research collaboration. The conference
proceedings publishing themes relevant to IT were the top sources of IT governance research.
The themes of IT governance research include IT management, ITIL, IT alignment, and
A Socio-economic Analysis of the Online Gambling 126

COBIT while the recent research hotspots concentrated on "it capabilities," "cobit,"
"performance," "higher education institutions," "cybersecurity," "firm performance," "iso
38500," "smart city," "digital transformation," and "agile." Researchers and professionals in
this field can utilize these data, which provide an informative view of the overall research
trends in the field.

Several practical recommendations emerge from this context. First, it's crucial to bridge
the gap between research and practice by generating actionable insights that assist institutions
in navigating the challenges and opportunities presented by digital transformation. Secondly,
collaboration with cybersecurity experts is essential to formulate comprehensive strategies for
safeguarding data against evolving threats. Third, ethical frameworks for governing smart city
data should be developed, ensuring responsible and transparent data management practices.
Fourth, the adoption of agile methodologies can help organizations navigate the dynamic
landscape of digital transformation by promoting flexibility and adaptability. Fifth, fostering
cross-disciplinary collaborations is essential to address the multifaceted challenges posed by
digital transformation, enabling a holistic and forward-looking approach to understanding its
impacts. Finally, organizations should establish adaptable governance practices that
effectively guide them in the ever-evolving digital ecosystem, ensuring they remain
responsive to changing technological landscapes and emerging trends.

Conflict of interest
The authors declare no potential conflict of interest regarding the publication of this work. In
addition, the ethical issues including plagiarism, informed consent, misconduct, data
fabrication and, or falsification, double publication and, or submission, and redundancy have
been completely witnessed by the authors.

Funding
The author(s) received no financial support for the research, authorship, and/or publication of
this article.
127 Journal of Information Technology Management, 2024, Vol. 16, Issue 2,

References
Abu-Musa, A.A. (2005). The role of IT governance in improving corporate governance: a proposed
model from managerial accounting context. Journal of Trade & Finance, 25(2), 55-118.
Aria, M., & Cuccurullo, C. (2017). Bibliometrix: An R-tool for comprehensive science mapping
analysis. Journal of Informetrics, 11(4), 959-975.
Bar-Ilan, J. (2010). Web of science with the conference proceedings citation indexes: The case of
computer science. Scientometrics, 83(3), 809–824. https://doi.org/10.1007/s11192-009-0145-4.
Bar-Ilan, J. (2018). Tale of Three Databases: The Implication of Coverage Demonstrated for a Sample
Query. Frontiers in Research Metrics and Analytics, 3. c10.3389/frma.2018.00006.
Bonnet, D., & Westerman, G. (2020). The new elements of digital transformation. MIT Sloan
Management Review, 62(2), 8.
Çakalı, R.K. (2022). Agency Problem in Corporate Governance: Worldcom Case. İşletme, 3(1), 15-31.
Ceil, C. (2019). Corporate Governance at Lehman Brothers (April 05, 2019).
https://ssrn.com/abstract=3521073 or http://dx.doi.org/10.2139/ssrn.3521073.
Choenni, S., Bargh, M. S., Busker, T., & Netten, N. (2022). Data governance in smart cities:
Challenges and solution directions. Journal of Smart Cities and Society, 1(1), 31 – 51.
Clauss, P., Roncalli, T., & Weisang, G. (2009). Risk management lessons from Madoff fraud.
In Credit, Currency, or Derivatives: Instruments of Global Financial Stability Or Crisis? (Vol.
10, pp. 505-543). Emerald Group Publishing Limited.
Connolly, N., Maccani, G., & Donnellan, B. (2017). IT Governance in Smart Cities: A Conceptual
Framework. In ICIS.
Cremer, F., Sheehan, B., Fortmann, M., Kia, A.N., Mullins, M., Murphy, F., & Materne, S. (2022).
Cyber risk and cybersecurity: a systematic review of data availability. The Geneva Papers on
Risk and Insurance- Issues and Practice, 47, 698-736. https://doi.org/10.1057/s41288-022-
00266-6.
Cunha, G.R., & Frogeri, R.F. (2016). Bibliometric study of the scientific production on information
technology governance. The International Journal of Management Science and Information
Technology (IJMSIT), 21, 29-45.
De Haes, S., & Van Grembergen, W. (2006). Information technology governance best practices in
Belgian organizations. 8, 195b-195b. https://doi.org/10.1109/HICSS.2006.222.
De Haes, S., & Van Grembergen, W. (2008a) Exploring the design of an IT governance minimum
baseline in the Belgian financial services sector. Proceedings of the European and
Mediterranean Conference on Information Systems (EMCIS), Dubai, 25-26.
De Haes, S., & Van Grembergen, W. (2008b). Analyzing the relationship between IT governance and
business/IT alignment maturity. Proceedings of the 41st Annual Hawaii International
Conference on System Sciences (HICSS 2008), 428-428,
https://doi.org/10.1109/HICSS.2008.66.
De Haes, S., & Van Grembergen, W. (2009). An exploratory study into IT Governance
implementations and its impact on business/IT alignment. IS Management, l 26, 123-137.
https://doi.org/10.1080/10580530902794786.
De Haes, S., & Van Grembergen, W. (2012). Enterprise governance of IT and the evolutions in
COBIT: an academic perspective. In Abramowicz, W., Domingue, J. and Węcel, K. (Eds),
Business Information Systems Workshops: BIS 2012 International Workshops and Future
A Socio-economic Analysis of the Online Gambling 128

Internet Symposium, Vilnius, Lithuania, Springer Berlin Heidelberg, 88-103. https://doi.org/

10.1007/978-3-642-34228-8_10.
De Haes, S., Debreceny, R., & Van Grembergen, W. (2013a). Understanding the core concepts in
COBIT 5. ISACA Journal, 5, 15-22.
De Haes, S., Van Grembergen, W., & Debreceny, R. (2013b). COBIT 5 and enterprise governance of
information technology: building blocks and research opportunities. Journal of Information
Systems, 27(1), 307-324. https://doi.org/10.2308/isys-50422.
Dnes, A. (2005). Enron, corporate governance and deterrence. Managerial and Decision Economics,
26, 421-429. https://doi.org/10.1002/mde.1255.
Duan, S.X., Deng, H., & Wibowo, S. (2023). Exploring the impact of digital work on work–life
balance and job performance: a technology affordance perspective. Information Technology &
People, ahead-of-print, https://doi.org/10.1108/ITP-01-2021-0013.
Effah, N.A.A., Asiedu, M., & Otchere, O.A.S. (2022). Improvements or deteriorations? A bibliometric
analysis of corporate governance and disclosure research (1990–2020). Journal of Business and
Socio-economic Development, ahead-of-print. https://doi.org/10.1108/JBSED-10-2021-0142.
Ellili, N.O.D. (2023). Bibliometric analysis on corporate governance topics published in the journal
of Corporate Governance: The International Journal of Business in Society. Corporate
Governance, 23(1), 262-286. https://doi.org/10.1108/CG-03-2022-0135.
Garcia-Perez, A., Sallos, M.P., & Tiwasing, P. (2021). Dimensions of cybersecurity performance and
crisis response in critical infrastructure organisations: an intellectual capital perspective. Journal
of Intellectual Capital, ahead-of-print. https://doi.org/10.1108/JIC-06-2021-0166.
Gerl, A., Heyde, M.V., Groß, R., Seck, R., & Watkowski, L. (2021). Applying COBIT 2019 to IT
Governance in Higher Education. INFORMATIK 2020.
González-Albo, B. & Bordons, M. (2011). Articles vs. proceedings papers: Do they differ in research
relevance and impact? A case study in the Library and Information Science field. Journal of
Informetrics, 5, 369-381. https://doi.org/10.1016/j.joi.2011.01.011.
Hardy, G. (2006). Using IT governance and COBIT to deliver value with IT and respond to legal,
regulatory and compliance challenges. Information Security Technical Report, 11(1), 55-61.
Harzing, A.W. (2007). Publish or Perish. https://harzing.com/ resources/publish-or-perish. (Accessed
20 February 2023).
ISACA (2021). COBIT. https://www.isaca.org/resources/cobit (accessed 20 February 2023).
Joshi, A., Bollen, L., Hassink, H., De Haes, S., & Van Grembergen, W. (2018). Explaining IT
governance disclosure through the constructs of IT governance maturity and IT strategic
role. Information & Management, 55(3), 368-380.
Juiz, C., Duhamel, F., Gutiérrez-Martínez, I., & Luna-Reyes, L.F. (2022). IT managers’ framing of IT
governance roles and responsibilities in Ibero-American higher education
institutions. Informatics, 9, 68. https://doi.org/10.3390/informatics9030068.
Khatri, V., & Brown, C. (2010). Designing data governance. Commununications of the ACM. 53, 148-
152. https://doi.org/10.1145/1629175.1629210.
Korac‐Kakabadse, N., & Kakabadse, A. (2001). IS/IT governance: need for an integrated
model. Corporate Governance, 1(4), 9-11. https://doi.org/10.1108/EUM0000000005974.
Kroes, N. (2010). European commissioner for digital agenda, the critical role of cities in making the
digital agenda a reality. Closing speech to Global Cities Dialogue Spring Summit of Mayors
Brussels, 28(5).
129 Journal of Information Technology Management, 2024, Vol. 16, Issue 2,

Kvalvik, P., Sánchez-Gordón, M., & Colomo-Palacios, R. (2022). Beyond technology in smart cities:
a multivocal literature review on data governance. Aslib Journal of Information Management,
ahead-of-print. https://doi.org/10.1108/AJIM-04-2022-0196.
Lompoliu, E. M., Francolla, G. B. R. F., Mandoya, G. R., & Walangitan, M. D. (2022). Information
technology governance analysis using the COBIT 2019 framework at XYZ institution. CogITo
Smart Journal, 8(2), 346-358. https://doi.org/10.31154/cogito.v8i2.427.346-358.
Malatji, M., Marnewick, A.L., & Von Solms, S. (2022). Cybersecurity capabilities for critical
infrastructure resilience. Information and Computer Security, 30(2), 255-
279. https://doi.org/10.1108/ICS-06-2021-0091.
Meçe, E. K., Sheme, E., Trandafili, E., Juiz, C., Gómez, B., & Colomo-Palacios, R. (2020). Governing
IT in HEIs: Systematic mapping review. Business Systems Research: International Journal of
the Society for Advancing Innovation and Research in Economy, 11(3), 93-109.
https://doi.org/10.2478/bsrj-2020-0029.
Mohamed Ariffin, M. S., Muhammad, H., Hassan, M., & Abdul Samad, A. R. (2023). Bibliometric
Analysis of Government Venture Capital. Journal of Information Technology
Management, 15(Special Issue), 166-188.
Mulyana, R., Rusu, L., & Perjons, E. (2021). IT Governance Mechanisms Influence on Digital
Transformation: A Systematic Literature Review. In Twenty-Seventh Americas' Conference on
Information Systems (AMCIS), Digital Innovation and Entrepreneurship, Virtual Conference,
August 9-13, 1-10, Association for Information Systems (AIS), available at:
https://aisel.aisnet.org/amcis2021/adv_info_systems_general_track/adv_info_systems_general_t
rack/19.
Mumu, J.R., Saona, P., Haque, M.S., & Azad, M.A.K. (2022). Gender diversity in corporate
governance: a bibliometric analysis and research agenda. Gender in Management, 37(3), 328-
343. https://doi.org/10.1108/GM-02-2021-0029.
Mumu, J.R., Saona, P., Russell, H.I., & Azad, M.A.K. (2021). Corporate governance and
remuneration: a bibliometric analysis. Journal of Asian Business and Economic Studies, 28(4),
242-262. https://doi.org/10.1108/JABES-03-2021-0025.
Nyakurukwa, K., & Seetharam, Y. (2022). Corporate governance in a weak legal environment: a
systematic review focusing on Zimbabwe. Qualitative Research in Financial Markets, ahead-of-
print. https://doi.org/10.1108/QRFM-01-2022-0012.
Pahlevi, R.W. (2022). Mapping of Islamic corporate governance research: a bibliometric
analysis. Journal of Islamic Accounting and Business Research, ahead-of-
print. https://doi.org/10.1108/JIABR-12-2021-0314.
Peterson, R. (2004). Crafting Information Technology Governance. Information Systems Management,
21, 22 - 7.
Pranckute, R. (2021). Web of Science (WoS) and Scopus: The titans of bibliographic information in
today’s academic world. Publications, 9(1), 12.
Priyadarsini, A., & Kumar, A. (2022). A literature review on IT governance using systematicity and
transparency framework. Digital Policy, Regulation and Governance, 24(3), 309-
328. https://doi.org/10.1108/DPRG-09-2021-0114.
Purnell, P.J. (2021). Conference proceedings publications in bibliographic databases: a case study of
countries in Southeast Asia. Scientometrics, 126, 355–387. https://doi.org/10.1007/s11192-020-
03773-2.
A Socio-economic Analysis of the Online Gambling 130

Qaıd, E.Y.A., Long, I., Azman, K.F., Ahmad, A.H., Othman, Z., Sırajudeen, K., Ahmi, A., & Zakarıa,
R. (2021). Quantitative description of publications (1986-2020) related to Alzheimer disease
and oxidative stress: A bibliometric study. Journal of Cellular Neuroscience and Oxidative
Stress, 13(1), 971-984. https://doi.org/10.37212/jcnos.946898.
Rowlands, B., De Haes, S., & Van Grembergen, W. (2014). Exploring and developing an IT
governance culture framework.
Selig, G., & Wilkinson, J. (2008). Implementing IT Governance: A Practical Guide to Global Best
Practices in IT Management.
https://www.researchgate.net/publication/259334517_Implementing_IT_Governance_A_Practic
al_Guide_to_Global_Best_Practices_in_IT_Management (accessed 20 February 2023).
Singh, G., Tiwari, P., & Garg, V. (2023). HRM Digitalisation: Exploring Success and Outcomes. In
Tyagi, P., Chilamkurti, N., Grima, S., Sood, K. and Balusamy, B. (Ed,s), The Adoption and
Effect of Artificial Intelligence on Human Resources Management, Part B (Emerald Studies in
Finance, Insurance, and Risk Management). Emerald Publishing Limited, Bingley, 199-219.
https://doi.org/10.1108/978-1-80455-662-720230012.
Song, Y., & Cao, J. (2022). An ARIMA-based study of bibliometric index prediction. Aslib Journal of
Information Management, 74(1), 94-109. https://doi.org/10.1108/AJIM-03-2021-0072.
Spears, J., & Barki, H. (2010). User Participation in Information Systems Security Risk Management.
MIS Quarterly, 34, 503-522. https://doi.org/10.2307/25750689.
Tanriverdi, H. (2006). Performance Effects of Information Technology Synergies in Multibusiness
Firms. MIS Quarterly, 30, 57-77. https://doi.org/10.2307/25148717.
Thomas, G., & Sule, M.-J. (2022). A service lens on cybersecurity continuity and management
for organizations’ subsistence and growth. Organizational Cybersecurity Journal: Practice,
Process and People, ahead-of-print https://doi.org/10.1108/OCJ-09-2021-0025.
Tjong, Y., Adi, S., Prabowo, H., & Kosala, R. (2017). Benefits to implementing IT governance in
higher education: (Systematic literature review). In 2017 International Conference on
Information Management and Technology (ICIMTech), 35-38, IEEE.
Van Eck, N.J., & Waltman, L. (2020). VOSviewer manual: Manual for VOSviewer version 1.6.16.
Leiden: Universiteit Leiden.
Van Veldhoven, Z., & Vanthienen, J. (2023). Best practices for digital transformation based on
a systematic literature review. Digital Transformation and Society, ahead-of-
print. https://doi.org/10.1108/DTS-11-2022-0057
Vial, G. (2021), “Understanding digital transformation: a review and a research agenda,” Managing
Digital Transformation, 13-66.
Visitsilp, B., & Bhumpenpein, N. (2021). Guidelines for Information Technology Governance Based
on Integrated ISO 38500 and COBIT 2019, in 2021 Research, Invention, and Innovation
Congress: Innovation Electricals and Electronics (RI2C), 14-18, IEEE.
Weill, P. & Ross, J. (2005). A Matrixed Approach to Designing IT Governance. MIT Sloan
Management Review, 46, 26-34.
Zakaria, R., Ahmi, A., Ahmad, A.H., Othman, Z., Azman, K.F., Ab Aziz, C.B., Ismail, C.A.N., &
Shafin, N. (2021). Visualising and mapping a decade of literature on honey research: a
bibliometric analysis from 2011 to 2020. Journal of Apicultural Research, 60(3), 359-368.
https://doi.org/10.1080/00218839.2021.1898789.
131 Journal of Information Technology Management, 2024, Vol. 16, Issue 2,

Zakaria, R., Patricia, V., Wijaya, A. Ahmad, A.H., Othman, Z., & Mezzetti, B. (2022). Evolution of
Blueberry (Vaccinium Corymbosum L), Raspberry (Rubus Idaeus L) and Strawberry (Fragaria
x Ananassa Duch.) Research: 2012–2021. Journal of Berry Research, 12, 365 – 381.
Zamry, M. N., & Syafinaz, N. (2019). Corporate Governance and Its Determinants: A Study on Wells
Fargo Scandal (No. 93726), University Library of Munich, Germany.
Zhu, J., & Liu, W. (2020). A tale of two databases: The use of Web of Science and Scopus in
academic papers. Scientometrics, 123(1), 321-35.

Bibliographic information of this paper for citing:

Wijaya, Adi & Zahiruddin, Haikal (2024). The evolution and trends in IT governance research: A
bibliometric analysis. Journal of Information Technology Management, 16 (2), 112-131.
https://doi.org/ 10.22059/JITM.2023.357779.3315

Copyright © 2024, Haikal Zahiruddin and Adi Wijaya