Abstract. Recently, several large companies have been involved in financial scandals related to mismanagement, resulting in financial damages for their stockholders. In response, certifications and manuals for best practices of governance were developed, and in some cases, tougher federal laws were implemented (e.g. the Sarboness Oxley Act). Companies adhered to these changes adopting the best practices for corporate governance by deploying Process Aware Information Systems (PAISs) to automate their business processes. However, these companies demand a rapid response to strategic changes, so the adoption of normative PAISs may compromise their competitiveness. On one hand companies need flexible PAISs for competitiveness reasons. On the other hand flexibility may compromise security of system because users can execute tasks that could result into violation of financial loses. In order to re-balance this trade-off, we present in this work how ProM tools can support anomaly detection in ...