Using process mining as an assurance tool in the three-lines-model

TY - JOUR

T1 - Using process mining as an assurance tool in the three-lines-model

AU - Eulerich, Marc

AU - Huang, Qing

AU - Pawlowski, Justin

AU - Vasarhelyi, Miklos A.

N1 - Publisher Copyright: © 2025 The Author(s)

PY - 2025/12

Y1 - 2025/12

N2 - One broadly accepted approach to structure the corporate governance of an organization is the so called “Three-Lines-Model” (TLM), which consists of different assurance providers like internal controls, risk management or internal auditing. While previous studies in the field of process mining showed different specific use cases in different related areas of this TLM, like e.g. internal controls, there is not approach that directly links process mining to the TLM. Thus, this paper directly links process mining to all three lines of the TLM and validates the conceptual use cases with real corporate data from a multinational company. The results show the benefits of a TLM-wide implementation of process mining. Thus, our study contributes to the ongoing practical and academic discussions in several ways. First, it leverages the power of the TLM to construct the company's assurance lines through process mining. Second, the real-world application in a multinational company provides a deep understanding of existing controls and monitoring environment. Third, it offers a broad variety of validated use cases that are aligned with the different lines and can be used as a generic framework for using process mining for different assurance activities.

AB - One broadly accepted approach to structure the corporate governance of an organization is the so called “Three-Lines-Model” (TLM), which consists of different assurance providers like internal controls, risk management or internal auditing. While previous studies in the field of process mining showed different specific use cases in different related areas of this TLM, like e.g. internal controls, there is not approach that directly links process mining to the TLM. Thus, this paper directly links process mining to all three lines of the TLM and validates the conceptual use cases with real corporate data from a multinational company. The results show the benefits of a TLM-wide implementation of process mining. Thus, our study contributes to the ongoing practical and academic discussions in several ways. First, it leverages the power of the TLM to construct the company's assurance lines through process mining. Second, the real-world application in a multinational company provides a deep understanding of existing controls and monitoring environment. Third, it offers a broad variety of validated use cases that are aligned with the different lines and can be used as a generic framework for using process mining for different assurance activities.

KW - Assurance

KW - Event log transformation

KW - Internal auditing

KW - Internal controls

KW - Process mining

KW - Risk management

KW - Three lines model

KW - Three lines of defense

UR - http://www.scopus.com/inward/record.url?scp=85215583507&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85215583507&partnerID=8YFLogxK

U2 - 10.1016/j.accinf.2025.100731

DO - 10.1016/j.accinf.2025.100731

M3 - Article

SN - 1467-0895

VL - 56

JO - International Journal of Accounting Information Systems

JF - International Journal of Accounting Information Systems

M1 - 100731

ER -