Implementing heuristic miner for information system audit based on DSS01 COBIT5 (Case study: CV Narnia distribution)

Abstract

Information systems are able to support the operational activities and provide useful information for users. In fact almost every large companies implementing information systems, but controlling the information system needs additional efforts, one of which is the audit of information systems. Audit is believed to be able to identify risks and evaluate the adequacy of the important controls on information systems. Audits are generally examining data or document but the modern companies stored more detailed information in event logs, transaction logs, databases, data warehouses etc. In this research, COBIT 5 framework is offered as part of the assessment process improvement initiative or part of a capability determination approach. This research aims to renew two important steps in the assessment process, namely the data collection and validation, using a process mining approach. Thus the information systems audit uses process mining to extract knowledge from event logs into useful information for audit purposes. The output of this study is the finding of how process mining can be combined with other data collection methods to improve the results of the assessment program.