
Decision Support Systems 47 (2009) 436–454
Contents lists available at ScienceDirect
Decision Support Systems
journal homepage: www.elsevier.com/locate/dss

A business process gap detecting mechanism between information system process flow and internal control flow

Shi-Ming Huang a,1, David C. Yen b,*, Yu-Chung Hung a,1, Yen-Ju Zhou a,1, Jing-Shiuan Hua c

a Department of Accounting & Information Technology, National Chung-Cheng University, Chia-Yi, Taiwan, ROC
b Department of DSC & MIS, Miami University, Oxford, OH 45056, USA
c Department of Management Information Systems, National Chung-Cheng University, Chia-Yi, Taiwan, ROC

Article info
Article history:
Received 26 March 2008
Received in revised form 26 February 2009
Accepted 15 April 2009
Available online 22 April 2009
Keywords:
Computer-Assisted Audit Techniques and Tools (CAATTs)
Business process gap detecting mechanism
Database log
Resource and value dependence method
Internal control flow
Abstract
The information system (IS) has become an important backbone of the modern enterprise, and the electronic data generated by the IS are more easily manipulated and destroyed than hardcopy data. It is therefore important for auditors to assure that the IS is well controlled and secure. Auditors generally use Computer-Assisted Audit Techniques and Tools (CAATTs) to assist them in auditing the IS, though given the growing complexity of these systems, it is hard to perform a complete control test of the systems. This research aims to develop a mechanism, the Business Process Gap Detecting Mechanism (BPGAP-Detecting Mechanism), to automatically detect the business process gap between IS process flows and internal control flows. The study also justifies the feasibility of the BPGAP-Detecting Mechanism with a real case study. The result indicates that the BPGAP-Detecting Mechanism can assist the case company in resolving data quality problems that have occurred in its ERP (Enterprise Resource Planning) system and can also provide additional information for the company.
© 2009 Elsevier B.V. All rights reserved.

1. Introduction
During the last several decades, the information system (IS) has become the backbone of the modern enterprise because of its efficiency and effectiveness. However, electronic data generated by the IS have become easier to change, manipulate, or destroy, and these aspects of the IS have created an easier way for crime to take place [16]. This fact was quantified in the 2005 Computer Crime and Security Survey, which revealed that losses caused by computer crimes and computer security breaches were $130,104,542 for the 639 respondents in 2005 [17]. Hence, it is important for auditors to assure that ISs are adequately controlled, secured, and function as intended [39].
Assuring IS security in the modern business environment requires a complete understanding of the continuous events that comprise the way businesses organize their activities. An important way to attain this understanding is to deconstruct a business into its underlying business processes [5]. It should be noted that the Sarbanes–Oxley (SOX) Act [44] requires both managers and auditors to follow the firm's business activities more closely and to verify the controls over the firm's financial reporting processes [23]. To improve the performance and efficiency of business processes, IS activities should be recorded in a log that indicates when and who accesses what data [3]. These logs should be reviewed frequently to ensure that system activities parallel business activities [43].
However, the increasing complexity and variety of ISs, along with the need to uncover unrevealed information, present auditors with serious challenges. It is difficult to audit the IS if auditors do not know the data structure and process flow inside the system. When auditing the IS, either a control test or a substantive test is conventionally required. The control test indicates the illegal actions which have violated internal controls, while the substantive test is performed afterwards to test for material misstatements [40]. In general, auditors use Computer-Assisted Audit Techniques and Tools (CAATTs) to support them in auditing these systems [11,36,43]. Most CAATTs provide the substantive test of the IS, but it is more effective to review the controls of the systems than to audit the output data [53]. In addition, CAATTs which only provide the substantive test may fail to find the business process gap between the IS process flow and the internal control flow. This may lead to poor data quality, a mask-up effect, incorrect decision-making, or fraud. Therefore, the control test is essential for CAATTs to ensure that no business process gap exists between the IS process flow and the internal control flow. Specifically, both the control test and the substantive test should be included in CAATTs so that they complement each other. In practice, auditors should not only audit the output data produced after the IS process flow, but also audit the activities conducted during the IS process flow itself. For some complex information systems, they need to perform more control tests rather than only substantive tests or control tests in order to reduce the audit risk to an appropriate level [57].

* Corresponding author. Tel.: +1 513 529 4827 (office); fax: +1 513 529 9689.
E-mail addresses: [email protected] (S.-M. Huang), [email protected] (D.C. Yen), [email protected] (Y.-C. Hung), [email protected] (Y.-J. Zhou), [email protected] (J.-S. Hua).
1 Tel.: +886 4 272 0411x16811.
0167-9236/$ – see front matter © 2009 Elsevier B.V. All rights reserved.
doi:10.1016/j.dss.2009.04.011
It is doubtless that CAATTs can help auditors to audit the IS in either a static or a dynamic way. Although many CAATTs were proposed in the past two decades, they are still in their infancy and have some limitations and drawbacks. Generalized Audit Software (GAS), Parallel Simulation, Test Data, and the Integrated Test Facility (ITF) focus on the output data produced by the IS. They provide the substantive test and risk assessment, and cannot detect the business process gap between the IS process flow and the internal control flow. Although the concept and execution of the control test are not difficult to realize, the prototype systems and commercial software which can perform the control test are limited.
An Embedded Audit Module can detect the business process gap between the IS process flow and the internal control flow by working with the IS. However, it is difficult to construct a general system which can be combined with different ISs. Additionally, the need for client cooperation is also a disadvantage of the Embedded Audit Module [20], as auditees are not always willing to cooperate with auditors whose applications affect their IS. In short, because of the complexity of the IS, it is difficult to conduct the entire control test of the IS without combining the CAATTs with these systems.
As a result, this paper aims to propose a mechanism to automatically perform a control test of the IS of firms. This prototype system is expected to achieve the following objectives:
• automatically identify the internal control flow for the audit objects;
• automatically identify the IS process flow for the audit objects;
• automatically compare the internal control flow with the IS process flow to detect any differences between these two flows.
In addition to the aforementioned objectives, this study can also be recognized as an effective development practice which provides a structured form, formal logic and a mathematical algorithm for the whole auditing process, and can be used as a reference for future researchers and practitioners.
2. Literature review
2.1. Computer-assisted audit techniques and tools
Over the past two decades, several CAATTs were proposed by prior studies of auditing [11,13,15,20,36,43], such as GAS, Parallel Simulation, Test Data, ITF, the Embedded Audit Module, and so on. This study classifies them into three categories: Substantive Tests, Control Tests, and Hybrid Tests including both Substantive Tests and Control Tests. The classification of CAATTs is tabulated in Table 1.

Table 1
Classification of computer-assisted audit techniques and tools.

Test type        | CAATTs                           | Estimated by                  | Degree of embedding on client's system | Software
Substantive test | Generalized Audit Software (GAS) | Output data                   | N/A                                    | ACL/IDEA
Substantive test | Parallel Simulation              | Output data                   | N/A                                    | N/A
Control test     | Test data                        | Output data                   | N/A                                    | N/A
Control test     | Integrated Test Facility (ITF)   | Output data                   | Middle                                 | N/A
Both             | Embedded audit module            | System processing/output data | High                                   | Oracle/SQL Server/IBM DB2

The purpose of the substantive test is to ensure the integrity and data quality of the output data produced by the IS. Both GAS and Parallel Simulation can perform the substantive test, though GAS is the most frequently used CAATT [11]. GAS such as Audit Command Language (ACL) and Interactive Data Extraction and Analysis (IDEA) is widely employed by firms. It has a friendly user interface to extract the data produced by the systems and analyze the patterns of variables. By constructing another identical IS, Parallel Simulation compares and verifies the data produced by both systems to detect the gap between the two systems.
The control test, including risk assessment and compliance tests, is used to ensure IS process flows. Both Test Data and ITF can perform the control test. Test Data is a technique in which auditors prepare the input data for the auditee's IS and analyze the output results to assess the potential risk of the systems. The ITF is similar to Test Data, as both employ dummy data as test sets to help auditors analyze the output of the dummy test data and detect any potential risk.
The Hybrid Test, such as the Embedded Audit Module, can perform both substantive tests and control tests. The Embedded Audit Module combines the audit module with the IS, and can therefore monitor the IS process flow and collect data. However, it is less popular because of the difficulty of obtaining the auditee's cooperation and of constructing a general system which can be combined with different ISs.
2.2. Dynamic modeling tools for internal control flow
Internal control is a process that permeates an organization's activities and provides reasonable assurance that its control objectives are achieved [43]. To this end, internal control is critical to any business organization. Without the ability to ensure the accuracy and reliability of information produced by ISs, it is difficult for a business organization to survive in a competitive environment [8]. Furthermore, the implementation of ISs and other associated systems in business processes is not straightforward [19]. For these reasons, it is necessary to assure that the IS process flow conforms to the planned control objectives. The design and evaluation of systems of internal control have also become important tasks for auditors, because they are charged with the responsibility of certifying the reliability of information produced by ISs [8].
Auditors evaluate information reliability by assessing whether or not the appropriate system controls are in place and operating effectively [18]. Almost all practicing auditors employ some sort of internal control evaluation aid, such as questionnaires, narrative descriptions, and flowcharts, in their evaluation process [8]. Computer-assisted methods have the unique advantage of bringing the speed, accuracy, and large memory capacity of the computer to the internal control evaluation problem [8,34]. Computer-assisted evaluation allows larger and more complex models to be used, and can be much more rigorous than manual methods [8,34].
To complete the assessment of the reliability of system controls, IS auditors first need to understand how the IS processes information [18]. In order to understand the system and conduct the control test for an IS, auditors rely heavily on an understanding of the internal control flow of the IS. Therefore, it is important to choose a suitable computer-assisted dynamic modeling tool to keep track of the internal control flow of the IS. The most common tools are: Flowchart [21], Event-driven Process Chain (EPC) [56], extended Event-driven Process Chain (eEPC) [25,46], IDEF [7], Unified Modeling Language (UML) [10,45], Data Flow Diagram (DFD) [47,52], Business Process Modeling Notation (BPMN) [49], and Petri-Net [12]. Table 2 classifies them into three categories: workflow model, dataflow model, and mathematical model. The classification focuses the modeling tools on their usage.
The purpose of the workflow model is to depict the dynamic workflow, which has the sequential, iterative, parallel, and conditional properties of the IS. The purpose of the dataflow model is to depict the dynamic dataflow through the processes. The workflow model and the dataflow model can contain the fundamental flows of the IS, but they cannot provide any simulation and analysis method. Therefore, to simulate and analyze the system, a mathematical model is needed. Mathematical models can depict the IS by using graphical notation and performing dynamic simulation and mathematical analysis on the model.

Table 2
Classification of the dynamic modeling tools.

Classification     | Description                                                                                              | Modeling tools          | XML  | Software
Workflow model     | Modeling the sequential, iterative, parallel, and condition properties of the workflow for information systems | Flowchart               | N/A  | Visio
                   |                                                                                                          | EPC                     | EPML | Visio
                   |                                                                                                          | eEPC                    | EPML | ARIS/Visio
                   |                                                                                                          | BPMN                    | BPEL | N/A
                   |                                                                                                          | IDEF3                   | N/A  | BPWIN
                   |                                                                                                          | UML activity diagram    | UXF  | Rational Rose/Visio
Dataflow model     | Modeling the flow of data through the processes of the information system                               | DFD                     | N/A  | Visio
                   |                                                                                                          | eEPC                    | EPML | ARIS/Visio
                   |                                                                                                          | UML interaction diagram | UXF  | Rational Rose
Mathematical model | Combining the graph description and mathematical analysis to simulate and analyze the information system | Petri Net               | PNML | CPN Tool
                   |                                                                                                          | IDEF2                   | N/A  | Witness

Table 3
Mapping dynamic modeling tools to Petri-Net.

Author       | Modeling tools                        | Year
Lee and Tan  | DFD to Petri-Net                      | 1992
Aalst        | EPC to Petri-Net                      | 1999
Meena et al. | UML Activity Diagrams to Petri-Net    | 2001
Kim et al.   | IDEF0 to IDEF3 and IDEF3 to Petri-Net | 2001
Lee et al.   | IDEF0 and IDEF3 to Petri-Net          | 2004

2.3. The mathematical model: Petri-Net
Petri-Net is a mathematical modeling tool which was invented by C. A. Petri (1962) to describe and simulate concurrent processes in networks [58]. It provides both graphical description and mathematical analysis capabilities and is widely used in simulating and analyzing concurrent, asynchronous, distributed, and stochastic systems [28,37,54].
A Petri-Net is defined by a 5-tuple PN = (P, T, F, W, M), where:
P is the set of places;
T is the set of transitions;
$F \subseteq (P \times T) \cup (T \times P)$ is the set of arcs;
W is the weight function of the arcs;
M is the marking vector, which gives the number of tokens in each place when the Petri-Net is static.
When transitions fire, which means that the processors, tasks, or functions of the system are executing, tokens are removed from the input places and added to the output places according to the weights of the input and output arcs [2,31]. The conditions or resources of the system are then said to have changed or moved from one to another, and the marking of the Petri-Net is updated to represent the new state.
2.4. Reachability analysis of the Petri-Net
The major strength of the Petri-Net is that it analyzes the properties of a complicated system or problem in an easy and well-structured way. In this research, reachability analysis of the Petri-Net is used to detect any business process gap. If a marking $M_b$ can be reached from $M_a$ after a sequence of transitions is fired, $M_b$ is said to be reachable from $M_a$. The Incidence Matrix and State Equation can analyze the reachability of a Petri-Net. The method creates an Incidence Matrix $I$ from the Petri-Net: each row of $I$ is a place and each column of $I$ is a transition, and the element $I_{ij}$ is the net change in the number of tokens of place $i$ when transition $j$ fires. After creating the Incidence Matrix, the State Equation $M_b = M_a + I \cdot x$ can be applied to predict the reachability between $M_a$ and $M_b$, where the firing vector $x$ is a vector of non-negative integers which maps every transition to its number of occurrences in a firing sequence [9,50]. This method is easy to implement on computers because of the mathematical formula. Fig. 1 is a simple example of the Incidence Matrix and State Equation. By comparing the vector values in $M_a$ and $M_b$, the reachability analysis of the Petri-Net can detect the difference between two data sets. The example that illustrates this reachability can be seen in Section 3.5.
2.5. Mapping workflow and dataflow models to the mathematical model
The workflow and dataflow models are more familiar to human beings than the mathematical model, but they only have graphical description capability. Therefore, many researchers map workflow and dataflow models to the mathematical model Petri-Net [1,27,29,30,33]. Table 3 summarizes the conversion from the workflow and dataflow models to the mathematical model Petri-Net.

Fig. 1. The incidence matrix and state equation of Petri-Net.
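As an added worked example (not code from the paper), the following Python builds the incidence matrix and state equation of Section 2.4 for two small constructed nets and contrasts the state-equation prediction with an explicit search of the reachability graph. The nets, place names and transition names are constructed for illustration and are not Fig. 1. The second net contains a self-loop, which an incidence matrix cannot represent: the state equation then predicts a marking that no firing sequence reaches.

```python
"""Incidence matrix, state equation and reachability of a Petri-Net (Section 2.4).
Added illustration; the two nets below are constructed, not Fig. 1 of the paper."""
from collections import deque


class PetriNet:
    """PN = (P, T, F, W, M): places, transitions, weighted arcs {(src, dst): weight},
    initial marking (one integer per place, in the order of `places`)."""

    def __init__(self, places, transitions, arcs, m0):
        self.places = list(places)
        self.transitions = list(transitions)
        self.arcs = dict(arcs)
        self.m0 = tuple(m0)

    def w(self, src, dst):
        return self.arcs.get((src, dst), 0)

    def incidence_matrix(self):
        """I[i][j] = W(t_j, p_i) - W(p_i, t_j): rows are places, columns transitions."""
        return [[self.w(t, p) - self.w(p, t) for t in self.transitions] for p in self.places]

    def state_equation(self, m_a, x):
        """M_b = M_a + I . x for a firing vector x (occurrence count of each transition)."""
        I = self.incidence_matrix()
        return tuple(m_a[i] + sum(I[i][j] * x[j] for j in range(len(self.transitions)))
                     for i in range(len(self.places)))

    def enabled(self, m, t):
        return all(m[i] >= self.w(p, t) for i, p in enumerate(self.places))

    def fire(self, m, t):
        return tuple(m[i] - self.w(p, t) + self.w(t, p) for i, p in enumerate(self.places))

    def firing_sequence(self, m_a, m_b, max_states=10_000):
        """Breadth-first search of the reachability graph.  Returns the transition
        sequence that reaches m_b from m_a, or None if none exists within the bound."""
        m_a, m_b = tuple(m_a), tuple(m_b)
        seen = {m_a: None}
        queue = deque([m_a])
        while queue:
            m = queue.popleft()
            if m == m_b:
                seq = []
                while seen[m] is not None:
                    m, t = seen[m]
                    seq.append(t)
                return seq[::-1]
            for t in self.transitions:
                if self.enabled(m, t):
                    n = self.fire(m, t)
                    if n not in seen:
                        seen[n] = (m, t)
                        queue.append(n)
            if len(seen) > max_states:
                return None
        return None

    def parikh(self, seq):
        """Firing vector (occurrence count per transition) of a firing sequence."""
        return [seq.count(t) for t in self.transitions]


# Constructed net 1: p1 -t1-> p2 -t2-> p3 with one token in p1.
CHAIN = PetriNet(["p1", "p2", "p3"], ["t1", "t2"],
                 {("p1", "t1"): 1, ("t1", "p2"): 1, ("p2", "t2"): 1, ("t2", "p3"): 1},
                 (1, 0, 0))

# Constructed net 2: t1 takes a token from p1, gives it back (self-loop) and adds one
# to p2.  The incidence column for t1 is (0, 1), so the state equation predicts (0, 1)
# reachable from (0, 0) with x = (1), yet t1 is never enabled in (0, 0).
SELF_LOOP = PetriNet(["p1", "p2"], ["t1"],
                     {("p1", "t1"): 1, ("t1", "p1"): 1, ("t1", "p2"): 1}, (0, 0))


def check_reachability(net, m_a, m_b, x):
    """Compare the state-equation prediction for firing vector x with an actual search."""
    predicted = net.state_equation(m_a, x) == tuple(m_b)
    return {"state_equation": predicted, "sequence": net.firing_sequence(m_a, m_b)}


if __name__ == "__main__":
    print(CHAIN.incidence_matrix())                                   # [[-1, 0], [1, -1], [0, 1]]
    print(check_reachability(CHAIN, (1, 0, 0), (0, 0, 1), [1, 1]))    # sequence ['t1', 't2']
    print(check_reachability(SELF_LOOP, (0, 0), (0, 1), [1]))         # predicted, no sequence
```

A non-negative integer solution of the state equation is a necessary, not a sufficient, condition for reachability; for the small bounded nets that an eEPC yields, the breadth-first search is cheap and settles the question, so a gap detector should not stop at the equation.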


3. System architecture
The objective of this research is to develop an automatic mechanism to detect the business process gap between the IS process flow and the internal control flow. The mechanism should be automatic in order to support continuous auditing [24,40,41]. The audit object of the automatic mechanism is the business process compliance test, and the audit evidence the automatic mechanism needs includes the IS process flow and the internal control flow. The automatic mechanism has three phases:
Phase 1: Identifying the internal control flow for the audit object.
Phase 2: Identifying the IS process flow for the audit object.
Phase 3: Business process gap analysis.
The three phases use a simple logical inference method. Phase 1 and Phase 2 identify and reconcile the two pieces of audit evidence, while Phase 3 is the kernel algorithm of the business process gap-detecting mechanism. This three-phase architecture is widely used in other gap detecting architecture approaches.
After Phase 3, an analysis report is produced to identify the business process gap between the IS process flow and the internal control flow. The business process gap may exist due to nonstandard actions taken by end users, modification of systems without updating the internal control flow, a primary error of the systems, a security flaw of the system, etc. Once the analysis report indicates that the IS has a business process gap, auditors need to determine why the business process gap exists and formulate the audit report. Fig. 2 illustrates the whole mechanism. The three phases of the automatic mechanism are described in detail in the following sections.

Fig. 2. Business process gap detecting mechanism.

3.1. Phase 1: identifying the internal control flow for the audit object
3.1.1. Phase 1-1: depicting the internal control flow
The Sarbanes–Oxley (SOX) Act section 404 requires the enterprise to document the processes that are supported by IS [14]. Therefore, under SOX, enterprises should have documentation of the internal control flow of their IS.
The IS is comprised of the workflow and the dataflow [52]. Therefore, the internal control flow of the IS can be identified by using the workflow and dataflow models. In this research, the eEPC (extended Event-driven Process Chain) diagram is chosen as the workflow and dataflow model for the internal control flow. The eEPC diagram extends the workflow model EPC (Event-driven Process Chain) by providing it with resources [46], so that it involves both the workflow and the dataflow. The eEPC has also been widely used. The leading ERP (Enterprise Resource Planning) system vendor SAP adopts it to illustrate the SAP R/3 system's processes [26], and the leading BPM (Business Process Management) system vendor, IDS Scheer, also embeds it as the basic element of the control view, which integrates the data view, function view, and organization view within the Architecture of Integrated IS (ARIS) framework [46]. Definition 1 formalizes the syntax of the eEPC based on the syntax of EPC [1].
Definition 1. (extended Event-driven Process Chain): An extended Event-driven Process Chain is a 3-tuple eEPC = (G, R, DF), where:
G is a basic EPC, G = (E, F, C, T, A);
R is a finite set of resources;
$DF \subseteq (F \times R) \cup (R \times F)$ is a set of dataflow arcs.
There should first be an underlying EPC diagram which describes the basic workflow of the IS. Then, resources and dataflow arcs are added to the EPC diagram, where dataflow arcs connect the resources and the functions of the EPC. The underlying EPC should follow the requirements of EPC formalized by Aalst [1] to avoid conflicts in the workflow. The dataflow should also contain detailed definitions of what operations the functions perform on the resources. Definition 2 defines the operations according to the direction of the dataflow. It classifies the operations into input dataflow operations and output dataflow operations. The details of the input and output dataflow operations are based on the Data Manipulation Language (DML) of the database.
Definition 2. (Operations of Dataflow): Let eEPC = (G, R, DF), and let each dataflow arc carry one operation from {SELECT, INSERT, UPDATE, DELETE}, where:
if $(r, f) \in DF \cap (R \times F)$, its operation is SELECT: an input dataflow arc must have a SELECT operation;
if $(f, r) \in DF \cap (F \times R)$, its operation is INSERT, UPDATE, or DELETE: an output dataflow arc must have an INSERT, UPDATE, or DELETE operation.
Fig. 3 illustrates the eEPC diagram for a standard sales-to-delivery cycle of SAP R/3's Sales and Distribution (SD) module [51]. The eEPC has three functions (NEW SALES ORDER DOCUMENT, MODIFY SALES ORDER DOCUMENT, and NEW DELIVERY) and four resources (SALES DOC. HEADER: VBAK, SALES DOC. ITEM: VBAP, DELIVERY HEADER: LIKP, and DELIVERY ITEM: LIPS). The three functions perform operations on the four resources. For example, the NEW SALES ORDER DOCUMENT function performs the INSERT operation on SALES DOC. HEADER: VBAK and SALES DOC. ITEM: VBAP.
3.1.2. Phase 1-2: constructing the mathematical model of the internal control flow
To perform an analysis with the model, this paper needs to construct the mathematical model of the internal control flow. Petri-Net is chosen as the mathematical model in this research. Aalst [1] has formalized the transformation methods between the EPC diagram and Petri-Net. In this research, the elements involved in the workflow (Events, Functions, and Connectors) and in the dataflow (Resources and Dataflow) need to be converted to Petri-Net. This paper adopts the transformation rules of Aalst [1] for the workflow part of the eEPC. The rules are described in Figs. 4 and 5, respectively. The Event, Function, and Resource mapping between the eEPC diagram and Petri-Net is provided in Fig. 4. The AND and XOR Connector mapping between the eEPC diagram and Petri-Net is illustrated in Fig. 5.
According to Definition 2, the dataflow part of the eEPC contains four operations (SELECT, INSERT, UPDATE, and DELETE). Therefore, the transformation of the dataflow part of the eEPC is constructed on the idea of a resource lock for these four operations. Fig. 6 illustrates the SELECT, INSERT, UPDATE, and DELETE dataflow mapping between the eEPC diagram and Petri-Net.
3.1.3. Phase 1-3: adjusted Petri-Net of the internal control flow
The Petri-Net converted from the eEPC should be adjusted to reconcile it with the structure of the IS process flow. This reconciliation reduces conflicts between the internal control flow and the IS process flow when the analysis mechanism is performed. First, the resources which do not affect the major transactions in the Petri-Net should be removed. Second, to avoid ignored dataflows, the weight of each arc between a dataflow place and a dataflow transition is adjusted to 2. This means that a dataflow place must hold two tokens for the connected dataflow transition to fire. Once a dataflow is scanned from the IS process flow, one token is put into the corresponding place of the internal control flow, so that there are two tokens in the corresponding place and the connected dataflow transition can fire. The token in a dataflow place of the internal control flow will not move to other places if a business process gap exists between it and the IS process flow. Third, the transition RESOURCE UNCONCERNED is added for all resources to reduce the tokens of the resource place in case the resource becomes irrelevant later. While the SELECT operation of a dataflow is executed, the original token is reserved in the initial resource place and a new copied token is moved to other places. At the end of the dataflow, the reserved token may become irrelevant. For example, SALES DOC. HEADER (VBAK) and SALES DOC. ITEM (VBAP) are relevant in the SALES process, but irrelevant in the DELIVERY process. Therefore, transitions are added for all resources to reduce the reserved token.
Definition 3 formalizes the adjusted Petri-Net in this research. After transferring the eEPC (Fig. 3) to the Petri-Net according to the mapping rules in Phase 1-2, the transferred Petri-Net is adjusted as in Fig. 7 by Definition 3. The weights of the six arcs between dataflow places and dataflow transitions (e.g. the arc between the INSERT VBAK dataflow place and the INSERT VBAK dataflow transition) are adjusted to 2. Four transitions (e.g. VBAK UNCONCERNED) are added for the four resources VBAK, VBAP, LIPS, and LIKP to handle the resources' potential irrelevance later.
Definition 3. (Adjusted Petri-Net): Let N(eEPC) be the Petri-Net which is converted from the standard procedure (eEPC). An adjusted Petri-Net mN(eEPC) satisfies:
• Remove Basic Resources (Rb) and Unconcerned Resources (Ru) in N(eEPC).
• Adjust the weight of each arc between a dataflow place and a dataflow transition to 2 in N(eEPC).
• Add the transitions RESOURCE UNCONCERNED for all resources to reduce the tokens of the resource places.

Fig. 3. Sales-to-delivery cycle of SAP R/3 SD.

Fig. 4. Event, function and resource mapping.
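The three adjustment rules of Definition 3 and the two-token firing rule they set up can be exercised directly. The Python below is an added example, not the paper's prototype: it keeps only the dataflow part of the eEPC and uses a simplified mapping (one dataflow place and one dataflow transition per operation, feeding a resource place) in place of the rules of Figs. 4–7, which are not reproduced on this page. The operations assigned to MODIFY SALES ORDER DOCUMENT and NEW DELIVERY, the SELECT on MARA, and the log entries are assumptions constructed for the example; the page itself names only the two INSERTs of NEW SALES ORDER DOCUMENT.

```python
"""Adjusted Petri-Net of an internal control flow (Definition 3) and the two-token
gap check it sets up.  Added illustration; the eEPC-to-Petri-Net mapping is simplified."""
from collections import Counter

INPUT_OPS = {"SELECT"}                        # R -> F dataflow arcs (Definition 2)
OUTPUT_OPS = {"INSERT", "UPDATE", "DELETE"}   # F -> R dataflow arcs


def check_dataflows(dataflows):
    """Definition 2: input arcs carry SELECT, output arcs INSERT/UPDATE/DELETE."""
    for func, op, res, direction in dataflows:
        if (direction == "in" and op in INPUT_OPS) or (direction == "out" and op in OUTPUT_OPS):
            continue
        raise ValueError(f"{func}: {op} on {res} is not a valid '{direction}' dataflow")


def adjusted_net(dataflows, resource_kind):
    """Build mN(eEPC) from the dataflow part of an eEPC.

    Returns {transition: (inputs {place: weight}, outputs {place: weight})}.
    Rule 1: dataflows on basic/unconcerned resources are dropped (Definition 5).
    Rule 2: each kept dataflow 'op RES' is a place feeding the transition 'op RES'
            over an arc of weight 2; firing puts one token in the resource place RES.
    Rule 3: 'RES UNCONCERNED' drains the resource place once it is no longer needed.
    """
    check_dataflows(dataflows)
    net = {}
    for _func, op, res, _direction in dataflows:
        if resource_kind.get(res) != "transaction":
            continue
        name = f"{op} {res}"
        net[name] = ({name: 2}, {res: 1})
        net.setdefault(f"{res} UNCONCERNED", ({res: 1}, {}))
    return net


def detect_gap(net, control_ops, log_ops):
    """control_ops: (op, resource) pairs the internal control flow expects for one
    process instance; log_ops: (op, resource) pairs scanned from the database log for
    the same instance.  Each side contributes one token; a dataflow transition fires
    only when both are present."""
    marking = Counter()
    unexpected = []
    for op, res in control_ops:
        marking[f"{op} {res}"] += 1
    for op, res in log_ops:
        name = f"{op} {res}"
        if name in net:
            marking[name] += 1
        else:
            unexpected.append(name)           # DML that has no place in the control flow
    fired, changed = [], True
    while changed:                            # acyclic net, every firing removes tokens
        changed = False
        for name, (ins, outs) in net.items():
            if all(marking[p] >= w for p, w in ins.items()):
                for p, w in ins.items():
                    marking[p] -= w
                for p, w in outs.items():
                    marking[p] += w
                fired.append(name)
                changed = True
    residual = {p: n for p, n in marking.items() if n > 0}   # tokens that never moved
    # Token counts do not record which side a token came from, so also compare counts:
    # this catches a dataflow logged twice that the control flow never expected.
    expected = Counter(f"{op} {res}" for op, res in control_ops)
    observed = Counter(f"{op} {res}" for op, res in log_ops if f"{op} {res}" in net)
    gaps = {p: (expected[p], observed[p]) for p in expected | observed
            if expected[p] != observed[p]}
    return {"fired": fired, "residual": residual, "unexpected": unexpected, "gaps": gaps}


# Constructed dataflows for the three functions of Fig. 3 (assumed, see lead-in).
SALES_TO_DELIVERY = [
    ("NEW SALES ORDER DOCUMENT",    "SELECT", "MARA", "in"),
    ("NEW SALES ORDER DOCUMENT",    "INSERT", "VBAK", "out"),
    ("NEW SALES ORDER DOCUMENT",    "INSERT", "VBAP", "out"),
    ("MODIFY SALES ORDER DOCUMENT", "UPDATE", "VBAK", "out"),
    ("MODIFY SALES ORDER DOCUMENT", "UPDATE", "VBAP", "out"),
    ("NEW DELIVERY",                "INSERT", "LIKP", "out"),
    ("NEW DELIVERY",                "INSERT", "LIPS", "out"),
]
KIND = {"MARA": "basic", "VBAK": "transaction", "VBAP": "transaction",
        "LIKP": "transaction", "LIPS": "transaction"}

# Constructed instance: the control flow expects a new order and a new delivery; the
# log lacks the delivery header and contains a DELETE the control flow never allows.
CONTROL = [("INSERT", "VBAK"), ("INSERT", "VBAP"), ("INSERT", "LIKP"), ("INSERT", "LIPS")]
LOG = [("INSERT", "VBAK"), ("INSERT", "VBAP"), ("INSERT", "LIPS"), ("DELETE", "VBAP")]

if __name__ == "__main__":
    print(detect_gap(adjusted_net(SALES_TO_DELIVERY, KIND), CONTROL, LOG))
```

A DML command that reaches the log with no corresponding control-flow token, for instance a write issued directly against the database rather than through the application, surfaces as an unexpected command or as a residual token; a control-flow token with no matching log entry marks a step the IS never performed. Both are the gaps the report of Phase 3 is meant to list, and the count comparison covers the case where a dataflow is logged twice and expected never, which the token count alone would let through.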
3.2. Phase 2: identifying the IS process flow for the audit object
3.2.1. Phase 2-1: extracting the database log
The second phase identifies the IS process flow. The IS process flow has both a logical workflow and a physical dataflow, wherein the logical workflow is physically implemented by the physical dataflow [52]. Identifying the logical workflow of an IS is more difficult than identifying the physical dataflow: different ISs have different workflow log structures, whereas almost all database management systems (DBMSs) have the same database log structure. However, because the logical workflow is physically implemented by the physical dataflow, this study can use the physical dataflow and extend it to represent the logical workflow. For instance, the logical workflow NEW SALES ORDER DOCUMENT is physically implemented by the physical dataflow INSERT VBAK and INSERT VBAP. This study supposes that if the dataflow INSERT VBAK and INSERT VBAP is performed, it must have been performed by the workflow NEW SALES ORDER DOCUMENT. Therefore, the physical dataflow (INSERT VBAK and INSERT VBAP) can be extended to the logical workflow (NEW SALES ORDER DOCUMENT). It is then possible to combine the extended workflow and the dataflow into the IS process flow. The extension of the physical dataflow to the logical workflow is implemented in Phase 3: Business Process Gap Analysis.
The database log of the DBMS, which records how the IS uses data manipulation language (DML) commands to interact with the DBMS, is the result of the physical dataflow. Retrieving the database log is easy because DBMSs such as Oracle and Microsoft SQL (Structured Query Language) Server can provide a log file which records the activities run on them in a common structure [35,38,42].
3.2.2. Phase 2-2: resource and value dependence method
In practice, there may be numerous tasks executing in parallel within the IS, which causes the database log to be chaotic. Unless there is a method to group the log data by task, it is impossible to proceed to the analysis mechanism of the mathematical model. In order to deal with the chaos of the database log, this research uses a Resource and Value Dependence Method to distinguish the DML commands of one task from those of another in the database log.
Definition 4. (Log and Tasks): Let L be the database log and T be the set of tasks, where $T \subseteq L$. Tasks are different assignments in the process instance.
Definition 4 defines the relationship of the log and the tasks. Before proceeding to the Resource and Value Dependence Method, it is important to break down the resources of the IS into the basic resources, the transaction resources and the unconcerned resources. The basic resources are the resources that are only needed during the transaction. For example, the Material Master (which can be represented by MARA) is a basic resource in SAP R/3 SD. The transaction resources are the resources that are produced or altered during the transaction. VBAK, VBAP, LIKP (Delivery: Header Data), and LIPS (Delivery: Item Data) are the transaction resources in SAP R/3 SD. Unconcerned resources are those resources that are not related to the transaction. Definition 5 formalizes the three kinds of resources of the IS.
Definition 5. (Basic Resources, Transaction Resources, Unconcerned Resources): Let R be the resources of the eEPC, $R = R_b \cup R_t \cup R_u$, where
$R_b$ is the set of basic resources;
$R_t$ is the set of transaction resources;
$R_u$ is the set of unconcerned resources.
The Resource and Value Dependence Method is separated into Resource Dependence and Value Dependence. Since Value Dependence relies on Resource Dependence, it is important to first define Resource Dependence. Definition 6 formalizes the Resource Dependence of DML commands.
Definition 6. (Resource Dependence of DML Commands): $D_R = \{(c_i, c_j)\}$, $c_i, c_j \in L$, $i, j = 1, 2, \ldots, n$, which means that the Data Manipulation Language (DML) commands $c_i$ and $c_j$ in the database log have Resource Dependence $D_R$.
$D_R = D_{R_{tt}} \cup D_{R_{tb}} \cup D_{R_{bb}}$, where:
$D_{R_{tt}} = \{(c_i, c_j) \mid PK(Rs(c_i)) \subseteq FK(Rs(c_j)),\ \text{if } Rs(c_i) \in R_t \wedge Rs(c_j) \in R_t\}$
$D_{R_{tb}} = \{(c_i, c_j) \mid FK(Rs(c_i)) \supseteq PK(Rs(c_j)),\ \text{if } Rs(c_i) \in R_t \wedge Rs(c_j) \in R_b\}$
$D_{R_{bb}} = \{(c_i, c_j) \mid PK(Rs(c_i)) \subseteq FK(Rs(c_j)),\ \text{if } Rs(c_i) \in R_b \wedge Rs(c_j) \in R_b\}$
where:
$Rs(c)$ is the function which maps command $c$ to its resource;
$PK(r)$ is the function which maps resource $r$ to its primary keys;
$FK(r)$ is the function which maps resource $r$ to its foreign keys.
The two kinds of resources, basic resources $R_b$ and transaction resources $R_t$, break Resource Dependence down into three relationships: $D_{R_{tt}}$ is the Resource Dependence of two transaction resources, $D_{R_{tb}}$ is the Resource Dependence of a transaction resource and a basic resource, and $D_{R_{bb}}$ is the Resource Dependence of two basic resources.
It is easy to understand Resource Dependence by thinking about the role of the primary keys and foreign keys of each entity in the Entity Relationship Model (ER Model). In the ER Model, there exists a relationship between two entities if one entity's foreign keys are referenced from the other's primary keys [48]. Therefore, in a database log, there exists Resource Dependence between two DML commands if the two resources involved in the commands have a relationship.

Fig. 5. AND and XOR connectors mapping.

Fig. 6. SELECT, INSERT, UPDATE, and DELETE dataflow mapping.

Fig. 7. Adjusted Petri-Net for sales-to-delivery cycle of SAP R/3 SD.

After satisfying Resource Dependence, it is possible to separate the tasks based on the Value Dependence. Definition 7 defines the Value Dependence of the commands.
Definition 7. (Value Dependence of DML Commands): DV = (ci, cj), ci, cj ∈ L, i, j = 1, 2, …, n, which means that the DML commands ci and cj in the database log have Value Dependence DV.
DV = DVtt ∪ DVtb ∪ DVbb, where:
DVtt = {(ci, cj) | V(PK(Rs(ci))) = V(FK(Rs(cj))), if Rs(ci) ∈ Rt ∧ Rs(cj) ∈ Rt ∧ (ci, cj) ∈ DRtt}
DVtb = {(ci, cj) | V(FK(Rs(ci))) = V(PK(Rs(cj))), if Rs(ci) ∈ Rt ∧ Rs(cj) ∈ Rb ∧ (ci, cj) ∈ DRtb}
DVbb = {(ci, cj) | V(PK(Rs(ci))) = V(FK(Rs(cj))), if Rs(ci) ∈ Rb ∧ Rs(cj) ∈ Rb ∧ (ci, cj) ∈ DRbb}
where:
V(k) is the function which maps key k to its value in the database log.
Since Value Dependence relies upon Resource Dependence, it also breaks down into three different relationships: DVtt, DVtb, and DVbb. The Resource Dependence can ensure that the resources of the two DML commands are related. However, to distinguish between tasks within the database log, a comparison of their values is needed. Two DML commands may possess Value Dependence if they satisfy the following requirements:
1. They have Resource Dependence.
2. The values of one's primary keys are the same as the values of the other one's foreign keys which are referenced from those primary keys.
The database log is now comprised of many Value Dependencies DVp = (ti, tj), p = 1, 2, …, m and i, j ∈ 1, 2, …, n. This study then follows Algorithm 1 to group the DML commands in the database log relative to each task.
Algorithm 1. (Group Database Log into Tasks): Let the Value Dependence of transaction resources be (DVtt)p = (ci, cj) ∈ DV, p = 1, 2, …, m, i, j ∈ 1, 2, …, n, and let the tasks be Ta ∈ T, a = 1, …, k:
Loop (DVtt)p from p = 1 to p = m
  Loop Ta from a = 1 to a = k
    if ci ∈ Ta ∧ cj ∈ Ta → do nothing and break
    else if ci ∈ Ta ∧ cj ∉ Ta → put cj into Ta and break
    else if ci ∉ Ta ∧ cj ∈ Ta → put ci into Ta and break
    else a = a + 1
  if a = k + 1 → create a new Tk+1, put ci and cj into Tk+1 and set k = k + 1
  p = p + 1
Order every command in Ta ascending.
Definition 8. (Operations): Let O be the set of the operations processed by functions in each task, where O ⊆ T ⊆ L. An operation is a physical piece of work which is performed by a logical unit of the process.
For example, let us examine the sales-to-delivery cycle of SAP R/3 SD, which includes two tasks. Table 4 combines the database schema and the database log of the two tasks, which includes ID, operation, table, primary key (PK), PK value, foreign key (FK), FK value, and a transaction ID. The log will clearly be chaotic as a result of the parallel execution of the two tasks, and thereby cannot proceed directly to the analysis mechanism. According to Definition 5, all entities of the database log in Table 4 are transaction resources except C1, which is a basic resource. The Resource Dependence of entities within the database log can be derived according to Definition 6. For example, the Resource Dependence between C2 and C3 exists because C3's foreign key (VBAK.VBELN) is referenced from C2's primary key (VBELN). After deriving the Resource Dependence of entities, the Value Dependence of entities with Resource Dependence can also be extracted by Definition 7. For example, the Value Dependence between C2 and C3 also exists besides Resource Dependence because the value of C2's primary key (VBELN) is the same as the value of C3's foreign key (VBAK.VBELN). Therefore, the three different relationships of Value Dependence can be defined so that DVtt = {(C2,C3), (C2,C4), (C3,C12), (C4,C13), (C5,C6), (C5,C10), (C6,C8), (C7,C8), (C9,C6), (C9,C10), (C11,C12), (C11,C13)}, DVtb = {(C1,C3), (C1,C4), (C1,C6), (C1,C10)}, and DVbb = {}. By then proceeding to Algorithm 1, the interrelated entities can be extracted from the set DVtt and grouped into each task. Therefore, there are two tasks: T1 = (C2, C3, C4, C11, C12, C13) and T2 = (C5, C6, C7, C8, C9, C10) in this log.
However, a problem still exists. The eEPC only models the abstract dataflow between resources and functions, and therefore cannot tell us how many DML commands are performed in the dataflow. For example, according to the eEPC in Fig. 3, this study only knows that the NEW SALES ORDER function will perform INSERT on VBAK and VBAP, when in fact the INSERT operation is executed twice on VBAP in ORDER: 7394 since there are two items in one order. Therefore, this requires a grouping of DML commands into each operation processed by a function in one task.

Table 4
Database log for the sales-to-delivery cycle of SAP R/3 SD.
ID   Operation  Table  PK            PK value     FK                                  FK value           Transaction ID
C1   UPDATE     MARA   MATNR         FERT001                                                             0000:000f331
C2   INSERT     VBAK   VBELN         7394                                                                0000:000f332
C3   INSERT     VBAP   VBELN, POSNR  7394, 01     VBAK.VBELN, MARA.MATNR              7394, FERT001      0000:000f332
C4   INSERT     VBAP   VBELN, POSNR  7394, 02     VBAK.VBELN, MARA.MATNR              7394, FERT002      0000:000f3332
C5   INSERT     VBAK   VBELN         9501                                                                0000:000f3333
C6   INSERT     VBAP   VBELN, POSNR  9501, 01     VBAK.VBELN, MARA.MATNR              9501, FERT001      0000:000f3333
C7   INSERT     LIKP   VBELN         800311                                                              0000:000f3334
C8   INSERT     LIPS   VBELN, POSNR  800311, 01   LIKP.VBELN, VBAP.VBELN, VBAP.POSNR  800311, 9501, 01   0000:000f3334
C9   UPDATE     VBAK   VBELN         9501                                                                0000:000f3335
C10  INSERT     VBAP   VBELN, POSNR  9501, 01     VBAK.VBELN, MARA.MATNR              9501, FERT001      0000:000f3335
C11  INSERT     LIKP   VBELN         800312                                                              0000:000f3336
C12  INSERT     LIPS   VBELN, POSNR  800312, 01   LIKP.VBELN, VBAP.VBELN, VBAP.POSNR  800312, 7394, 01   0000:000f3336
C13  INSERT     LIPS   VBELN, POSNR  800312, 02   LIKP.VBELN, VBAP.VBELN, VBAP.POSNR  800312, 7394, 02   0000:000f3336

Fig. 8. Relationship between database log, tasks, and operations.

Definition 8 formalizes the operations in each task. To group DML commands into each operation, this study adopts the term Transaction ID. The DML commands which are performed by the same function will have the same Transaction ID. According to the Transaction ID, each DML command can be compared, which allows us to determine whether to group them into one operation or not. Algorithm 2 proceeds to group DML commands into each operation in one task.
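Definitions 6 and 7, Algorithm 1, and the Transaction-ID grouping of Algorithm 2, as an added example that is not the authors' code: the log is a constructed sample modeled on Table 4, with transaction IDs assumed so that the commands of one function share one ID (both VBAP item inserts of order 7394 therefore fall into one operation, as the text above describes); the merge of two already-existing tasks is an extension beyond the algorithm as stated.

```python
"""Resource and Value Dependence (Definitions 6 and 7) with Algorithms 1 and 2."""
from collections import namedtuple

# One DML command of the database log: pk = {column: value},
# fk = {"TABLE.column": value}, tid = Transaction ID of the command.
Cmd = namedtuple("Cmd", "id op table pk fk tid")

BASIC = {"MARA"}                                 # Rb: only needed by the cycle
TRANSACTION = {"VBAK", "VBAP", "LIKP", "LIPS"}   # Rt: produced or altered by it

# Constructed sample modeled on Table 4 (transaction IDs are assumed).
LOG = [
    Cmd("C1", "UPDATE", "MARA", {"MATNR": "FERT001"}, {}, "0000:000f331"),
    Cmd("C2", "INSERT", "VBAK", {"VBELN": "7394"}, {}, "0000:000f332"),
    Cmd("C3", "INSERT", "VBAP", {"VBELN": "7394", "POSNR": "01"},
        {"VBAK.VBELN": "7394", "MARA.MATNR": "FERT001"}, "0000:000f332"),
    Cmd("C4", "INSERT", "VBAP", {"VBELN": "7394", "POSNR": "02"},
        {"VBAK.VBELN": "7394", "MARA.MATNR": "FERT002"}, "0000:000f332"),
    Cmd("C5", "INSERT", "VBAK", {"VBELN": "9501"}, {}, "0000:000f333"),
    Cmd("C6", "INSERT", "VBAP", {"VBELN": "9501", "POSNR": "01"},
        {"VBAK.VBELN": "9501", "MARA.MATNR": "FERT001"}, "0000:000f333"),
    Cmd("C7", "INSERT", "LIKP", {"VBELN": "800311"}, {}, "0000:000f334"),
    Cmd("C8", "INSERT", "LIPS", {"VBELN": "800311", "POSNR": "01"},
        {"LIKP.VBELN": "800311", "VBAP.VBELN": "9501", "VBAP.POSNR": "01"},
        "0000:000f334"),
    Cmd("C9", "UPDATE", "VBAK", {"VBELN": "9501"}, {}, "0000:000f335"),
    Cmd("C10", "INSERT", "VBAP", {"VBELN": "9501", "POSNR": "01"},
        {"VBAK.VBELN": "9501", "MARA.MATNR": "FERT001"}, "0000:000f335"),
    Cmd("C11", "INSERT", "LIKP", {"VBELN": "800312"}, {}, "0000:000f336"),
    Cmd("C12", "INSERT", "LIPS", {"VBELN": "800312", "POSNR": "01"},
        {"LIKP.VBELN": "800312", "VBAP.VBELN": "7394", "VBAP.POSNR": "01"},
        "0000:000f336"),
    Cmd("C13", "INSERT", "LIPS", {"VBELN": "800312", "POSNR": "02"},
        {"LIKP.VBELN": "800312", "VBAP.VBELN": "7394", "VBAP.POSNR": "02"},
        "0000:000f336"),
]


def value_dependence(log):
    """Definitions 6 and 7: (ci, cj) is in DV when cj's foreign keys reference
    the whole primary key of ci's table (Resource Dependence) and the key
    values are equal (Value Dependence). Pairs are classed by resource kind:
    DVtt (both transaction), DVtb (one basic), DVbb (both basic)."""
    dv = {"tt": [], "tb": [], "bb": []}
    for ci in log:
        for cj in log:
            if ci is cj:
                continue
            refs = {k.split(".")[1]: v for k, v in cj.fk.items()
                    if k.split(".")[0] == ci.table}
            if not refs or set(refs) != set(ci.pk):   # no Resource Dependence
                continue
            if all(ci.pk[col] == val for col, val in refs.items()):
                n_basic = (ci.table in BASIC) + (cj.table in BASIC)
                dv[("tt", "tb", "bb")[n_basic]].append((ci.id, cj.id))
    return dv


def group_into_tasks(dvtt):
    """Algorithm 1 as stated on the page, plus one extension (assumption):
    a pair whose two commands already sit in different tasks merges them."""
    tasks = []
    for ci, cj in dvtt:
        hit = [t for t in tasks if ci in t or cj in t]
        if not hit:                       # a = k + 1: open a new task
            tasks.append({ci, cj})
        elif len(hit) == 1:               # one command known: add the other
            hit[0].update((ci, cj))
        else:                             # extension: merge bridged tasks
            hit[0].update(hit[1])
            tasks.remove(hit[1])
    # "Order every command in Ta ascending" (by the numeric part of the ID).
    return [sorted(t, key=lambda c: int(c[1:])) for t in tasks]


def group_into_operations(task, log):
    """Algorithm 2: consecutive commands of a sorted task that share one
    Transaction ID form one operation; a new ID opens a new operation."""
    by_id = {c.id: c for c in log}
    ops, current, tid = [], [], None
    for cid in task:
        if current and by_id[cid].tid != tid:
            ops.append(current)
            current = []
        if cid not in current:
            current.append(cid)
        tid = by_id[cid].tid
    if current:
        ops.append(current)
    return ops


def analyse(log):
    """Run the whole phase: DV sets, tasks (Algorithm 1), operations (Algorithm 2)."""
    dv = value_dependence(log)
    tasks = group_into_tasks(dv["tt"])
    return dv, tasks, [group_into_operations(t, log) for t in tasks]


if __name__ == "__main__":
    dv, tasks, ops = analyse(LOG)
    print("DVtt =", dv["tt"])
    print("DVtb =", dv["tb"])
    for n, (task, task_ops) in enumerate(zip(tasks, ops), 1):
        print(f"T{n} = {task} -> operations {task_ops}")
```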

Algorithm 2. (Group DML Commands into Operations): Let ci ∈ C, i ∈ 1, 2, …, o, be the DML commands of a sorted task Ta ∈ T, a = 1, 2, …, k, let TID(c) be a function which maps the DML command c to its Transaction ID, and let operation Oab ∈ O ⊆ Ta, b = 1, be the first operation of Ta:
Loop Ta from a = 1 to a = k
  Loop ci until i > o
    if Oab = () → put ci into Oab and set TID(Oab) = TID(ci)
    else if TID(ci) = TID(Oab) and ci ∉ Oab → put ci into Oab
    else if TID(ci) = TID(Oab) and ci ∈ Oab → do nothing
    else → create a new Oa(b+1), set b = b + 1, put ci into the new Oab and set TID(Oab) = TID(ci)
    i = i + 1
  a = a + 1
Fig. 8 illustrates the relationship between the log, tasks, and operations. According to Algorithm 2, the DML commands can be grouped into each operation. T1 = (C2, C3, C4, C11, C12, C13) will become T1 = {O11 (C2, C3), O12 (C11, C12)}, and T2 = (C5, C6, C7, C8, C9, C10) will become T2 = {O21 (C5, C6), O22 (C7, C8), O23 (C9, C10)}. It is now feasible to analyze the operations in each task by employing the analysis mechanism.
3.3. Phase 3: business process gap analysis
The final phase of the mechanism is business process gap analysis. The mathematical analysis properties of the mathematical model are used to test the IS process flow. This research uses the Incidence Matrix and State Equation of the Petri-Net to test the business process gap between the IS process flow and the internal control flow.
The Incidence Matrix is I = [aij], and each entry of it represents the number of tokens of place Pj that change when transition Ti fires. For the Incidence Matrix I there exists the state equation
  Md = Md−1 + I^T Σ_{k=1}^{d} Uk.
Md and Md−1 are markings of the Petri-Net, I^T is the transpose of the Incidence Matrix I, and Σ_{k=1}^{d} Uk is an i × 1 Transition Firing Matrix which indicates the number of times transition Ti fires.
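The state equation put to work as the conformability test of Definition 9, as an added example that is not part of the paper or of its BPGAP system: a small constructed net fragment (assumed places and transitions named after the page's eEPC elements) is encoded as a signed I^T, the pre-marking is M(P(Oab)) + MP(Oab) so each DML transition consumes two tokens from its operation place, and the minimal firing vector is searched with every transition count bounded to {0, 1}, the bound the paper places on K in the reachability analysis.

```python
"""Conformability check of Definition 9 via the Petri-net state equation."""
from itertools import product

# Constructed net fragment (assumption): function, operation, resource and
# XOR-connector places named after the page's eEPC elements.
PLACES = ["CREATE SALES ORDER", "INSERT VBAK", "VBAK", "XOR_1",
          "CHANGE SALES ORDER", "CREATE DELIVERY", "UPDATE VBAK", "XOR_2",
          "INSERT LIKP", "LIKP"]
# transition -> (consumed {place: weight}, produced {place: weight}).
# A DML transition consumes 2 tokens from its operation place: one put there
# by the function transition and one by the operation scanned in the log,
# i.e. the MP(O_ab) that Definition 9 adds to M(P(O_ab)).
TRANSITIONS = {
    "NEW SALES ORDER":    ({"CREATE SALES ORDER": 1}, {"INSERT VBAK": 1, "XOR_1": 1}),
    "insert VBAK":        ({"INSERT VBAK": 2}, {"VBAK": 1}),
    "XOR_1_1":            ({"XOR_1": 1}, {"CHANGE SALES ORDER": 1}),
    "XOR_1_2":            ({"XOR_1": 1}, {"CREATE DELIVERY": 1}),
    "MODIFY SALES ORDER": ({"CHANGE SALES ORDER": 1, "VBAK": 1},
                           {"UPDATE VBAK": 1, "XOR_2": 1}),
    "update VBAK":        ({"UPDATE VBAK": 2}, {"VBAK": 1}),
    "XOR_2_1":            ({"XOR_2": 1}, {"CHANGE SALES ORDER": 1}),
    "XOR_2_2":            ({"XOR_2": 1}, {"CREATE DELIVERY": 1}),
    "NEW DELIVERY":       ({"CREATE DELIVERY": 1}, {"INSERT LIKP": 1}),
    "insert LIKP":        ({"INSERT LIKP": 2}, {"LIKP": 1}),
}
T_NAMES = list(TRANSITIONS)


def incidence_transpose():
    """I^T: one row per place, one column per transition; the entry is the
    net token change of the place when the transition fires once."""
    it = [[0] * len(T_NAMES) for _ in PLACES]
    for j, t in enumerate(T_NAMES):
        consumed, produced = TRANSITIONS[t]
        for p, w in consumed.items():
            it[PLACES.index(p)][j] -= w
        for p, w in produced.items():
            it[PLACES.index(p)][j] += w
    return it


def marking(tokens):
    """Marking vector from {place: token count}; unlisted places hold 0."""
    return [tokens.get(p, 0) for p in PLACES]


def fire(m, t):
    """Marking after firing t, or None when t is not enabled in m."""
    consumed, produced = TRANSITIONS[t]
    if any(m[PLACES.index(p)] < w for p, w in consumed.items()):
        return None
    m2 = list(m)
    for p, w in consumed.items():
        m2[PLACES.index(p)] -= w
    for p, w in produced.items():
        m2[PLACES.index(p)] += w
    return m2


def fireable(m, counts):
    """Depth-first search for an order in which the multiset `counts` of
    transitions fires from m with no place ever going negative."""
    if not any(counts):
        return True
    for j, n in enumerate(counts):
        if n:
            m2 = fire(m, T_NAMES[j])
            if m2 is not None:
                rest = list(counts)
                rest[j] -= 1
                if fireable(m2, rest):
                    return True
    return False


def firing_vector(m_pre, m_post):
    """Minimal sum(U_k) in {0,1}^|T| solving I^T sum(U_k) = m_post - m_pre with
    a fireable order; None means the post-operation marking is unreachable,
    i.e. a business process gap between the two operations."""
    it = incidence_transpose()
    delta = [a - b for a, b in zip(m_post, m_pre)]
    found = []
    for u in product((0, 1), repeat=len(T_NAMES)):
        if all(sum(it[i][j] * u[j] for j in range(len(u))) == delta[i]
               for i in range(len(PLACES))) and fireable(m_pre, list(u)):
            found.append(u)
    return min(found, key=sum) if found else None


def conforms(m_pre, m_post):
    return firing_vector(m_pre, m_post) is not None


# Case 1, mirroring task T1: O11 (insert VBAK after NEW SALES ORDER) followed
# by O12 (insert LIKP). M_{d-1} = M(P(O11)) + MP(O11); M_d keeps the VBAK token
# that stays marked, as the page's M(P(O12)) keeps VBAK and VBAP.
PRE_T1 = marking({"INSERT VBAK": 2, "XOR_1": 1})
POST_T1 = marking({"INSERT LIKP": 1, "VBAK": 1})
# Case 2, mirroring task T2: O22 (insert LIKP after NEW DELIVERY) followed by
# O23 (update VBAK, i.e. CHANGE SALES ORDER after CREATE DELIVERY).
PRE_T2 = marking({"INSERT LIKP": 2, "VBAK": 1})
POST_T2 = marking({"LIKP": 1, "UPDATE VBAK": 1, "XOR_2": 1})

if __name__ == "__main__":
    for name, pre, post in (("T1", PRE_T1, POST_T1), ("T2", PRE_T2, POST_T2)):
        u = firing_vector(pre, post)
        fired = [t for t, n in zip(T_NAMES, u or []) if n]
        print(name, "conforms" if u else "business process gap", fired)
```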


The reachability analysis of the Petri-Net is conducted according to matrix algebra and can be calculated by using the following steps:
1. Let r be the rank of I^T.
2. Adjust I^T and the corresponding Md and Md−1, d = 1, 2, …, n, so that the upper left quadrant of I^T is a nonsingular square matrix of order r.
3. Decompose I^T into the form I^T = [I11 I12; I21 I22], where I11 is the nonsingular square matrix of order r, and decompose the corresponding M = [M1; M2], where M = (Md − Md−1).
4. Now Σ_{k=1}^{d} Uk = [I11^−1 M1 − I11^−1 I12 K; K], where K = [K1, …, Ki−r]^T.
5. Set 0 ≤ K1, …, Ki−r ≤ 1 and calculate all possible Σ_{k=1}^{d} Uk. Σ_{k=1}^{d} Uk = U1, …, Ud is the sum of the firing sequence. Let Mk+1 = Mk + I^T Uk, M1 = Md−1. If all Uk are nonnegative integers and make Mk+1 ≥ 0, i.e. all Uk are fireable, Md can be reached from Md−1 via the firing sequence Σ_{k=1}^{d} Uk = U1, …, Ud. (This paper sets 0 ≤ K1, …, Ki−r ≤ 1 to find the minimal firing sequence; if 2 ≤ K1 or … or Ki−r, the Transition Firing Matrix Σ_{k=1}^{d} Uk only repeats some fraction of the firing sequence.)
Definition 9 defines the conformability of the IS process flow and the internal control flow. When the Σ_{k=1}^{d} Uk calculated from the reachability analysis of the Petri-Net is a nonnegative integer and fireable solution, it means that Md (the state of the post-operation) can be reached from Md−1 (the state of the pre-operation) and the operation does not violate the internal control. The IS process flow should include both the physical dataflow and the logical workflow. However, the database log only includes the physical dataflow. It is therefore necessary to extend the physical dataflow to the logical workflow. This study assumes that if operation Oab is scanned in the database log, the input transition of Oab must have been fired and tokens should have been put into all output places of the input transition (including all resources of the dataflow, and the events, functions, and connectors of the workflow).
Definition 9. (Conformability): Oab ∈ O ⊆ Ta, b = 1, 2, …, q, a = 1, 2, …, k, and M_Oab ∈ mN(eEPC),
  if I^T Σ_{k=1}^{d} Uk = M(P(Oa(b+1))) − (M(P(Oab)) + MP(Oab)) has a nonnegative integer solution Σ_{k=1}^{d} Uk and every Uk is fireable,
  then the information system process flow conforms to the internal control flow on operation Oa(b+1) in task Ta.
mN(eEPC) is the modified Petri-Net of the standard procedure.
I^T is the transpose of the Incidence Matrix of mN(eEPC).
Oab is the operation processed by a function of the task Ta in the database log.
P(Oab) is the function which maps operation Oab to its places in mN(eEPC).
MP(Oab) is the corresponding marking of operation Oab's places, and M(P(Oab)) is the corresponding marking of all output places of the input transition of the places P(Oab) in mN(eEPC).
Table 5 is the adjusted Incidence Matrix of Fig. 7 whose upper left quadrant is a nonsingular square matrix.
3.4. A numerical example
Table 6 is the transposed Incidence Matrix of the adjusted Petri-Net for the book-to-billing cycle in SAP R/3 SD. Table 7 is the adjusted matrix of Table 6, whose upper left quadrant is a nonsingular square matrix. For the task T1 = {O11 (C2, C3), O12 (C11, C12)}, this study determined that: MP(O11) = [0,0,0,1,1,0,0,0,0,0,0,0,0,0,0]^T, M(P(O11)) = [0,0,0,1,1,0,0,0,0,0,0,0,0,1,0]^T, and M(P(O12)) = [0,0,0,0,0,0,0,1,1,1,1,0,0,0,0]^T. Given this knowledge, Σ_{k=1}^{d} Uk = [0, 2k2, 1, 1, 1, k2, k2, 0, 0, k1, 1 − k1, k1 − 2k2, k2, 0, 0, k1, k2]^T can thereby be calculated, and Σ_{k=1}^{d} Uk = [0, 0, 1, 1, 1, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0]^T with K1 = 0 and K2 = 0 is revealed to be a nonnegative integer and fireable solution. Therefore, the IS process flow conforms to the internal control flow on operation O12 in task T1.
Operation O22 in task T2 also conforms like O12 in T1, as does operation O21. MP(O22) = [0,0,0,0,0,0,0,1,1,0,0,0,0,0,0]^T, M(P(O22)) = [0,0,0,0,0,0,0,1,1,1,1,0,0,0,0]^T, and M(P(O23)) = [0,0,0,0,0,1,1,0,0,0,0,0,0,0,1]^T. Σ_{k=1}^{d} Uk = [0, 1 − 2K2, 1, 0, 0, K2, K2, 1, 1, 1 + K1, 1 − K1, K1 − 2K2, K2, 1, 1, K1, K2]^T can then be calculated to reveal that a nonnegative integer solution does not exist. Therefore, the IS process flow does not conform to the internal control flow on operation O23 in task T2.
According to the adjusted Petri-Net, this study maintains that operation O22 (C7, C8) is processed by CREATE DELIVERY and O23 (C9, C10) is processed by CHANGE SALES ORDER DOCUMENT. An analysis report will identify that in task T2 (VBAK.VBELN (which means Sales Order): 9501) the post-operation O23 (CHANGE SALES ORDER DOCUMENT) after the pre-operation O22 (CREATE DELIVERY) has a business process gap and the system will experience a control failure. Auditors then need to determine why the business process gap exists and formulate an audit report of the IS.

4. Mechanism development

This research constructs a Business Process Gap Detecting Mechanism (BPGAP-Detecting Mechanism) system to implement the business process gap detection. The BPGAP-Detecting Mechanism system is developed in the environment of Microsoft .NET and Microsoft SQL Server. This study separates the functions of the BPGAP-Detecting Mechanism system into six fundamental libraries, taking advantage of the inherent strengths of the object-oriented model such as abstraction, encapsulation, polymorphism, and inheritance. Therefore, the eEPC can be replaced by other dynamic modeling tools, such as UML (Unified Modeling Language), without rewriting the algorithm of the gap detecting mechanism.
In addition to the six libraries of the BPGAP-Detecting Mechanism system, this study employed the third-party software Lumigent Log Explorer [32] to provide assistance in extracting the database log. This study requires the use of Lumigent Log Explorer because Microsoft SQL Server does not provide any open protocol to access its database log. The log explorer software can be used to read and export the database
Table 5
The adjusted transpose incidence matrix of the adjusted Petri-Net.
Place \ Transition    A1  A2  A3  A4  A5  A6  A7  A8  A9 A10 A11 A12 A14 A16 A17 A13 A15
CREATE SALES ORDER     1   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0
CHANGE SALES ORDER     0   1   0   0   0   0   0   0   0   0   0   0   0   0   0   0   0
CREATED DELIVERY       0   0   1   0   0   0   0   0   0   0   0   0   0   0   0   0   0
INSERT VBAK            1   0   0   2   0   0   0   0   0   0   0   0   0   0   0   0   0
INSERT VBAP            1   0   0   0   2   0   0   0   0   0   0   0   0   0   0   0   0
UPDATE VBAK            0   1   0   0   0   2   0   0   0   0   0   0   0   0   0   0   0
UPDATE VBAP            0   1   0   0   0   0   2   0   0   0   0   0   0   0   0   0   0
INSERT LIKP            0   0   1   0   0   0   0   2   0   0   0   0   0   0   0   0   0
INSERT LIPS            0   0   1   0   0   0   0   0   2   0   0   0   0   0   0   0   0
VBAK                   0   1   0   1   0   1   0   0   0   0   0   0   1   0   0   0   0
VBAP                   0   1   0   0   1   0   1   0   0   0   0   0   0   0   0   0   1
LIKP                   0   0   0   0   0   0   0   1   0   0   0   0   0   1   0   0   0
LIPS                   0   0   0   0   0   0   0   0   1   0   0   0   0   0   1   0   0
XOR_1                  1   0   0   0   0   0   0   0   0   1   1   0   0   0   0   0   0
XOR_2                  0   1   0   0   0   0   0   0   0   0   0   1   0   0   0   1   0
Note: A1: NEW SALES ORDER; A2: MODIFY SALES ORDER; A3: NEW DELIVERY; A4: INSERT VBAK; A5: INSERT VBAP; A6: UPDATE VBAK; A7: UPDATE VBAP; A8: INSERT LIKP; A9: INSERT LIPS; A10: XOR_1_1; A11: XOR_1_2; A12: XOR_2_1; A13: XOR_2_2; A14: VBAK_UNCONCERNED; A15: VBAP_UNCONCERNED; A16: LIKP_UNCONCERNED; A17: LIPS_UNCONCERNED.

Table 6
The transpose incidence matrix of the adjusted Petri-Net (the transpose Incidence Matrix of the modified Petri-Net). Columns are transitions A1 to A39 (see the note below), rows are places.
Place \ Transition A#  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39
CREATE SALES ORDER     1  0  0  0  0  0  0  0  0  0  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?
CHANGE SALES ORDER     0  1  0  0  0  0  0  0  0  0  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?
CREATE DELIVERY        0  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0
CHANGE DELIVERY        0  0  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0  1  0  0  0  0  0  0  0  0  0  0  0
CREATE BILLING DOC.    0  0  0  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0  1  0  0  0  0  0  0  0  0  0  0
CHANGE BILLING DOC.    0  0  0  0  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0  1  0  0  0  0  0  0  0
CANCEL BILLING DOC.    0  0  0  0  0  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0  1  0  0  0  0  0  0
INSERT VBAK            1  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
INSERT VBAP            1  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
UPDATE VBAK            0  1  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
UPDATE VBAP            0  1  0  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
INSERT LIKP            0  0  1  0  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
INSERT LIPS            0  0  1  0  0  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
UPDATE LIKP            0  0  0  1  0  0  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
UPDATE LIPS            0  0  0  1  0  0  0  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
INSERT VBRK            0  0  0  0  1  0  0  0  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
INSERT VBRP            0  0  0  0  1  0  0  0  0  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
UPDATE VBRK            0  0  0  0  0  1  0  0  0  0  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
UPDATE VBRP            0  0  0  0  0  1  0  0  0  0  0  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
DELETE VBRK            0  0  0  0  0  0  1  0  0  0  0  0  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
DELETE VBRP            0  0  0  0  0  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
VBAK                   0  1  0  0  0  0  0  1  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0  0  0  0  0
VBAP                   0  1  0  0  0  0  0  0  1  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0  0  0  0
LIKP                   0  0  0  1  0  0  0  0  0  0  0  1  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0  0  0
LIPS                   0  0  0  1  0  0  0  0  0  0  0  0  1  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0  0
VBRK                   0  0  0  0  0  1  1  0  0  0  0  0  0  0  0  1  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0
VBRP                   0  0  0  0  0  1  1  0  0  0  0  0  0  0  0  0  1  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1
XOR_1                  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
XOR_2                  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0
XOR_3                  0  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  1  0  0  0  0  0  0  0  0  0  0  0  0
XOR_4                  0  0  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  1  0  0  0  0  0  0  0  0  0  0
XOR_5                  0  0  0  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  1  0  0  0  0  0  0  0  0
XOR_6                  0  0  0  0  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  1  0  0  0  0  0  0
? : the entries of the rows CREATE SALES ORDER and CHANGE SALES ORDER for transitions A11 to A39 are not legible in the source.
Note: A1: NEW SALES ORDER; A2: MODIFY SALES ORDER; A3: NEW DELIVERY; A4: MODIFY DELIVERY; A5: NEW BILLING DOC.; A6: MODIFY BILLING DOC.; A7: DELETE BILLING DOC.; A8: INSERT VBAK; A9: INSERT VBAP; A10: UPDATE VBAK; A11: UPDATE VBAP; A12: INSERT LIKP; A13: INSERT LIPS; A14: UPDATE LIKP; A15: UPDATE LIPS; A16: INSERT VBRK; A17: INSERT VBRP; A18: UPDATE VBRK; A19: UPDATE VBRP; A20: DELETE VBRK; A21: DELETE VBRP; A22: XOR_1_1; A23: XOR_1_2; A24: XOR_2_1; A25: XOR_2_2; A26: XOR_3_1; A27: XOR_3_2; A28: XOR_4_1; A29: XOR_4_2; A30: XOR_5_1; A31: XOR_5_2; A32: XOR_6_1; A33: XOR_6_2; A34: VBAK_UNCONCERNED; A35: VBAP_UNCONCERNED; A36: LIKP_UNCONCERNED; A37: LIPS_UNCONCERNED; A38: VBRK_UNCONCERNED; A39: VBRP_UNCONCERNED.

Table 7
The adjusted transpose incidence matrix of the adjusted Petri-Net (the adjusted transpose Incidence Matrix of the modified Petri-Net). Same rows as Table 6; the transition columns are reordered so that the upper left quadrant is nonsingular.
Place \ Transition A#  1  2  3  4  5  6  7  8  9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 26 27 28 30 31 32 34 36 38 25 29 33 35 37 39
CREATE SALES ORDER     1  0  0  0  0  0  0  0  0  0  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?
CHANGE SALES ORDER     0  1  0  0  0  0  0  0  0  0  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?  ?
CREATE DELIVERY        0  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0  0  0  0  0  0  0  0  0  0  1  0  0  0  0  0
CHANGE DELIVERY        0  0  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0  1  0  0  0  0  0  0  0  0  0  0  0  0
CREATE BILLING DOC.    0  0  0  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0  0  0  0  0  0  0  0  1  0  0  0  0
CHANGE BILLING DOC.    0  0  0  0  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0  1  0  0  0  0  0  0  0  0  0
CANCEL BILLING DOC.    0  0  0  0  0  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0  0  0  0  0  0  1  0  0  0
INSERT VBAK            1  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
INSERT VBAP            1  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
UPDATE VBAK            0  1  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
UPDATE VBAP            0  1  0  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
INSERT LIKP            0  0  1  0  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
INSERT LIPS            0  0  1  0  0  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
UPDATE LIKP            0  0  0  1  0  0  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
UPDATE LIPS            0  0  0  1  0  0  0  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
INSERT VBRK            0  0  0  0  1  0  0  0  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
INSERT VBRP            0  0  0  0  1  0  0  0  0  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
UPDATE VBRK            0  0  0  0  0  1  0  0  0  0  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
UPDATE VBRP            0  0  0  0  0  1  0  0  0  0  0  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
DELETE VBRK            0  0  0  0  0  0  1  0  0  0  0  0  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
DELETE VBRP            0  0  0  0  0  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  2  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
VBAK                   0  1  0  0  0  0  0  1  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0  0  0  0  0  0  0  0
VBAP                   0  1  0  0  0  0  0  0  1  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0  0
LIKP                   0  0  0  1  0  0  0  0  0  0  0  1  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0  0  0  0  0  0  0
LIPS                   0  0  0  1  0  0  0  0  0  0  0  0  1  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0
VBRK                   0  0  0  0  0  1  1  0  0  0  0  0  0  0  0  1  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0  0  0  0  0  0
VBRP                   0  0  0  0  0  1  1  0  0  0  0  0  0  0  0  0  1  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1
XOR_1                  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0
XOR_2                  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0  0  0  0  0  0  0  0  0  1  0  0  0  0  0
XOR_3                  0  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  1  0  0  0  0  0  0  0  0  0  0  0  0  0
XOR_4                  0  0  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0  0  0  0  0  0  0  1  0  0  0  0
XOR_5                  0  0  0  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  1  0  0  0  0  0  0  0  0  0  0
XOR_6                  0  0  0  0  0  1  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  0  1  0  0  0  0  0  1  0  0  0
? : the entries of the rows CREATE SALES ORDER and CHANGE SALES ORDER for transitions A11 to A39 are not legible in the source.
Note: A1: NEW SALES ORDER; A2: MODIFY SALES ORDER; A3: NEW DELIVERY; A4: MODIFY DELIVERY; A5: NEW BILLING DOC.; A6: MODIFY BILLING DOC.; A7: DELETE BILLING DOC.; A8: INSERT VBAK; A9: INSERT VBAP; A10: UPDATE VBAK; A11: UPDATE VBAP; A12: INSERT LIKP; A13: INSERT LIPS; A14: UPDATE LIKP; A15: UPDATE LIPS; A16: INSERT VBRK; A17: INSERT VBRP; A18: UPDATE VBRK; A19: UPDATE VBRP; A20: DELETE VBRK; A21: DELETE VBRP; A22: XOR_1_1; A23: XOR_1_2; A24: XOR_2_1; A25: XOR_2_2; A26: XOR_3_1; A27: XOR_3_2; A28: XOR_4_1; A29: XOR_4_2; A30: XOR_5_1; A31: XOR_5_2; A32: XOR_6_1; A33: XOR_6_2; A34: VBAK_UNCONCERNED; A35: VBAP_UNCONCERNED; A36: LIKP_UNCONCERNED; A37: LIPS_UNCONCERNED; A38: VBRK_UNCONCERNED; A39: VBRP_UNCONCERNED.


log. Protection of the database log is needed to avoid human modification of the database's tracking system. Fig. 9 is the extracted screen of part of the BPGAP-Detecting Mechanism system, whose statistical results are depicted using a pie chart following the business process gap analysis.
5. Mechanism evaluation
In order to verify the proposed system based on the BPGAP-Detecting Mechanism, this study employs a real case to illustrate how the BPGAP-Detecting Mechanism works. The case company examined is an ISO (International Organization for Standardization) 9001 quality assured industrial company: K Company. K Company is a trading company and specializes in exporting hand tools, air tools and automotive specialty tools. K Company has 55812 types of items with an operational amount of approximately two million US dollars a year. There are four departments in K Company: sales, stock management, delivery, and finance. The company has about two thousand customers in China, Hong Kong, Australia and across Europe. It has a good reputation among its customers and has processed many successful Original Equipment Manufacturer (OEM) orders from customers. The company uses a good deal of IS and is therefore applicable for our study's purposes.
5.1. Case study methodology
The business process gap detecting mechanism in our research is a new field within the CAATTs. There is little related literature on this subject and therefore the mechanism lacks significant quantitative indexes with which to compare it. Case study methodology can assist us in solving this problem.
Case study methodology is a common qualitative method used in IS evaluations [4,22]. It is an empirical inquiry that investigates a contemporary phenomenon within its real-life context, especially when the boundaries between phenomenon and context are not clearly evident [55]. The business process gap detecting mechanism tests the control of the IS. Its result (i.e. the business process gap) needs to be explained in terms of why and how that result was attained. Case study methodology matches this need as it can assist the researcher in analyzing the case and proposing the reasons (why) and the processes (how) of the phenomenon.
This study uses a single-case study design to evaluate the business process gap detecting mechanism, which provides more depth than a multiple-case study [55]. The control failures of the IS are not always accessible. However, once the phenomenon exists in the single case, it can determine the correctness of the business process gap detecting mechanism. It should be noted that every IS has the opportunity to experience control failure. This case can therefore be representative of other companies' IS situations.
5.2. Data quality problems of the case company
In order to improve their competitiveness, K Company decided to replace their ERP system. Although the new ERP system was implemented mid-year, K Company uncovered a data quality problem. In fact, some users reported that in the ORD (Order) module, sales orders still contained incomplete data items after these orders were transferred into purchase orders. In this scenario, the user passes the sales order AST-040601 at Step 1. After the sales order is converted to a purchase order, the item KC-A13370 is automatically deleted from the sales order AST-040601.
K Company does not know why this error occurs, as some sales orders are correct while others are incorrect with no identifiable pattern to explain the phenomenon. The company urgently needs to improve the data quality of their ERP system, and a computer audit

Fig. 9. Screen of the BPGAP-detecting mechanism system.

project is subsequently announced to examine their IS to determine the reason for the data quality problem. The authors joined the computer audit project as the IT auditors. The project is based on two testing phases:
Phase 1: The substantive test using the Generalized Audit Software (GAS).
Phase 2: The control test using the BPGAP-Detecting Mechanism system.

5.3. The substantive test using the Generalized Audit Software (GAS)
First, this paper extracts the data of the ORD module between 2006/01 and 2006/02 for analysis. The Generalized Audit Software (GAS) ACL is used to find the items lost within sales orders when purchase orders were transferred from sales orders. This paper found that there were 132 lost items distributed over 54 sales orders in this month. The total duration of the test was about one hour.
This study group presented the substantive result to K Company and met to communicate the result. Four sales department users who were involved in the ORD module attended the meeting, which lasted approximately one hour. This study summarizes some crucial points from the dialogue between the IT auditors and the users in the following:
1. Every item in the purchase orders should have a mapping item in the sales orders.
2. Account control of the ERP system is satisfactory, as other departments lack permission to modify the sales order. Therefore, the data quality problem should be traced to the sales department.
3. The ERP system does not show any error message about the data quality problem.
4. There is no pattern to the data quality problem.
5. Users did not delete any item of the sales orders during our sample dates.
5.4. The control test using the BPGAP-detecting mechanism system
It is easy to find data quality problems via the substantive test of Generalized Audit Software (GAS). However, for a deeper analysis of how the data quality problem happened, this study utilized the control test of the BPGAP-Detecting Mechanism system.
First, the BPGAP-Detecting Mechanism system is used to depict the internal control flow of the ORD module. The ERP vendor documents the internal control flow of the ORD module. The ERP vendor uses the eEPC diagram to depict their systems, from which the eEPC diagram of the internal control flow can be easily attained. Because the BPGAP-Detecting Mechanism system also contains the notations of the eEPC, it is easy for us to depict the eEPC diagram in the BPGAP-Detecting Mechanism system. Second, the workflow and dataflow models can be mapped to the mathematical model Petri-Net. Third, the Lumigent Log Explorer software is used to assist us in extracting the database log of the ORD module. Since the total log of the ORD module is very large, this paper only extracts the INSERT, UPDATE and DELETE commands between 2006/01/01 and 2006/01/31 of the log. After exporting the log to the database, the stored procedure of the Resource and Value Dependence Method was performed. The final step is to conduct a business process gap analysis. The reachability analysis of the Petri-Net calculates all possible paths according to the database log and tests the correctness of the paths. After performing the business process gap analysis, statistical results can be depicted with a pie chart. It is intriguing that 98 (9.4%) IS process flows are erroneous out of 1048 (100%) total IS process flows. Four IS process flows violate the internal control flows and they are:
1. Pass sales to PO (Purchase Order) → modify sales order. (51)
2. Modify sales order → new stock quantity. (44)
3. Modify PO → modify sales order. (1)
4. Pass sales to PO → new delivery. (2)
The first two IS process flows are in the majority.

Fig. 10. Scenario detected after the control test of the data quality problem.
This study proposed the control test result to K Company and met
to discuss the result. Since the control test of the IS tests the IS process
ow, the meeting is attended not only by the users of the sales
department but also by the programmer, who has just recently been
placed in charge of the ORD module.
After the control test result was communicated, K Company now knows that the data quality problem is not caused by passing the sales order into a purchase order, but is in fact caused by the modifying action conducted after the pass action. However, the internal control flow specifies that a modifying action cannot take place after the pass action. This study communicated this flaw.
After discussion, this study finds that the data quality problem is caused by nonstandard actions taken by the end users. This can happen as a result of a change management flaw of the ERP vendor. The outcome of the interaction between users and auditors, and the users' satisfaction with it, can be summarized as follows:
1. The data quality problem is caused by the erroneous information process flow: pass sales to PO (Purchase Order) → modify sales order. Since the added item replaces the original one after the sales order passes to a purchase order, it creates the illusion that sales orders lost items after they passed to purchase orders. Fig. 10 depicts the scenario of the error. The user starts to pass the sales order AST-040601 to purchase orders at Step 1. Then the user adds a new item, KC-A13694, at Step 3 and Step 4 for both the sales order and the purchase order. However, the new item KC-A13694 at Step 3 replaces the old item KC-A13370 in the sales order AST-040601. The replacement creates the illusion that sales order AST-040601 deleted item KC-A13370 after it passed to purchase orders.
2. The ERP vendor has a flaw in their change management of the software. They should hold a change management meeting to ensure that any change to the software will not endanger the data. Relevant documents should be updated after any change of the ERP system.
3. The users and the programmer considered the computer audit project to be extremely useful for the IS, since the control test of the IS can provide them with important information.
6. Conclusion
6.1. Research contribution
Computer auditing has become increasingly important with the popularization of IS. There are various computer-assisted audit technologies and tools (CAATTs) that can assist the auditor in acquiring knowledge of IS. However, most of them can only perform substantive tests. Constructing a general system to perform the entire control test for IS is rather difficult, since various IS have different data structures and IS process flows.
The control test of the IS is essential for ensuring that business process gaps do not exist between the IS process flow and the internal control flow. In this research, a business process gap detecting mechanism is provided to detect the business process gap between the IS process flow and the internal control flow. The business process gap detecting mechanism transforms the workflow and dataflow models (eEPC) of the internal control flow into data for the Petri-Net. The automatic mechanism then uses the reachability analysis of the Petri-Net to detect the business process gap. This research constructs the BPGAP-Detecting Mechanism system in order to implement the business process gap detecting mechanism and evaluates the feasibility of our BPGAP-Detecting Mechanism system through a real case. The result indicates that the control test of the BPGAP-Detecting Mechanism system can uncover the reason for the data quality problem of the case company and provide helpful information to them.
Although the embedded audit module (EAM), one kind of CAATT, has been proposed to monitor business process controls, there are some drawbacks to using this tool [20]. The most significant is that an EAM must be tightly coupled with enterprise systems [5], and it is difficult to construct a general EAM that can be combined with diverse enterprise systems. Compared with EAM, the proposed mechanism, the BPGAP-Detecting Mechanism, is more flexible and usable because it is separate from enterprise systems. The BPGAP-Detecting Mechanism relies on read-only access and the extraction of controls data from enterprise systems. Therefore, the controls data extracted by the BPGAP-Detecting Mechanism cannot be manipulated by the firm's personnel before or after extraction. In addition, the code and environment of the BPGAP-Detecting Mechanism can also be well protected.
This research focuses on the capabilities of CAATTs and classifies them into substantive tests and control tests. This study argues that the substantive test and the control test should complement each other. The substantive test can detect errors in the data. However, to learn what causes the errors, this study has shown the need to perform a control test. The automatic mechanism for the control test in this research improves both audit quality and software quality. The authors hope this research can open a new avenue for academic and practical research on CAATTs.
6.2. Managerial significance
The assurance of internal controls and the improved business performance demanded by users today are hampered by a contemporary business environment that involves an increasingly copious volume of data and complex business activities. To overcome these problems and achieve their business objectives, more and more firms have begun to take advantage of technology for conducting internal auditing. The analysis of the business transactions that underlie complex business processes is the key to successful internal auditing. The proposed mechanism, the BPGAP-Detecting Mechanism, can analyze business transactions by detecting business process gaps between the IS process flow and the internal control flow. The BPGAP-Detecting Mechanism has a direct managerial implication for firms and auditors: firms can be aided in supporting regulatory compliance and detecting errors in business processes and IS processes, while audit departments also improve audit productivity.
Today more than ever, firms are being required to comply with more regulations, such as the Sarbanes–Oxley (SOX) Act, the Health Insurance Portability and Accountability Act (HIPAA), and Basel II. The cost and complexity of regulatory compliance for firms have continuously grown. Therefore, firms are increasingly looking to technology for solutions that effectively transform these burdens of compliance into competitive advantages. The eighth component of the enterprise risk management (ERM) model of the Committee of Sponsoring Organizations (COSO) is monitoring business performance. One of the key methods of monitoring performance is Monitor System Activities. The BPGAP-Detecting Mechanism can detect business process gaps between the IS process flow and the internal control flow. Consequently, firms can be assisted in complying with regulations such as SOX, which emphasize the responsibility of management to require organizations to follow their business activities carefully.
Erroneous business processes and IS processes can cause firms to lose revenue, violate regulations, and damage business operations. These illegal actions violate the internal control before the material misstatements are generated [40], causing a gap between problem incidence and problem recognition. For this reason, business and IS processes should be proactively monitored to uncover any error or abuse. However, the effective checking of business processes and IS processes is not easy to perform given the increasingly voluminous amounts of data, the complexity and diversity of information systems, and ongoing changes in business processes. System auditing is still inadequate for exposing gaps between the IS process flow and the internal control flow. With the BPGAP-Detecting Mechanism, firms have an effective solution for gap detection and can thereby uncover errors within their business and IS processes.
The pressure on audit departments to assist firms in compliance is increasing because of increased audit responsibilities and a general lack of firm auditing ability. This is exacerbated by the heavy volume of business data that should be tested and the continually changing business transactions that should be governed by different regulations in today's business environment. Consequently, audit departments are looking to technology to optimize audit productivity and efficiency. The BPGAP-Detecting Mechanism can directly and rapidly uncover the reason for IS problems by detecting gaps between the IS process flow and the internal control flow. Therefore, audit departments can audit more productively and efficiently by taking advantage of the BPGAP-Detecting Mechanism.
6.3. Research limitations and future research
6.3.1. Future research
Since the development of the BPGAP-Detecting Mechanism is still in testing, the Petri-Net algorithm may be improvable. Different dynamic models may be found to depict the internal control flow and to create the transformation rules without utilizing the Petri-Net.
6.3.2. Research limitations
Due to the difficulty of extracting the logical workflow, this study only uses the physical dataflow of the database log and extends it to the logical workflow. However, the extension may have a semantic conflict problem. For instance, if two functions perform the same actions on the same tables in a database, it is difficult to distinguish which function performs which command. Tracing the altered columns can reduce this conflict problem. However, the best solution for the problem is to provide a common structure like Business Process Execution Language for Web Services [6] for the workflow log of IS. With both logical workflow and physical dataflow capabilities, the mechanism can detect the gap between the internal control flow and the IS process flow more precisely.
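The semantic conflict described in this limitation, as an added example (written for this edit, not the paper's code): two logical functions write the same table, so a physical UPDATE row alone cannot be attributed to one of them. The script traces the altered columns, which narrows the candidates, and shows how an explicit function id in a workflow log (the BPEL-style structure the authors call for) resolves the remaining ambiguity. The function catalogue, the column sets and the sample rows are all constructed assumptions.

```python
# Catalogue of logical IS functions: name -> (table written, columns the function may alter).
# Constructed for illustration; a real catalogue is derived from the application's code or
# from its workflow log (a BPEL-style record of which function ran).
FUNCTION_CATALOG = {
    "modify_sales_order": ("SalesOrderItem", {"item_no", "qty", "unit_price"}),
    "reprice_order":      ("SalesOrderItem", {"unit_price", "discount"}),
    "new_stock_quantity": ("Stock",          {"on_hand"}),
}

def resolve_function(row):
    """Return the logical functions that could have produced one physical log row.

    An explicit function id (present when a workflow log exists) settles the question.
    Otherwise the candidates are the functions writing the same table whose alterable
    columns cover every column the row actually changed; more than one candidate is a
    semantic conflict, none means the row came from an unknown function."""
    fid = row.get("function_id")
    if fid in FUNCTION_CATALOG:
        return [fid]
    cands = [name for name, (table, cols) in FUNCTION_CATALOG.items()
             if table == row["table"] and row["cols"] <= cols]
    return sorted(cands)

def conflict_report(rows):
    """Count rows that resolve to one function, to several (ambiguous) or to none (unknown)."""
    report = {"resolved": 0, "ambiguous": 0, "unknown": 0}
    for row in rows:
        n = len(resolve_function(row))
        report["resolved" if n == 1 else "ambiguous" if n > 1 else "unknown"] += 1
    return report

# Constructed sample rows: table touched, set of altered columns, optional workflow function id.
SAMPLE_ROWS = [
    {"table": "SalesOrderItem", "cols": {"item_no"}},                 # only modify_sales_order fits
    {"table": "SalesOrderItem", "cols": {"unit_price"}},              # both functions fit: conflict
    {"table": "SalesOrderItem", "cols": {"unit_price"}, "function_id": "reprice_order"},
    {"table": "SalesOrderItem", "cols": {"unit_price", "discount"}},  # only reprice_order fits
    {"table": "Stock", "cols": {"qty"}},                              # no catalogued function alters Stock.qty
]

if __name__ == "__main__":
    for row in SAMPLE_ROWS:
        print(sorted(row["cols"]), "->", resolve_function(row) or "unknown")
    print(conflict_report(SAMPLE_ROWS))
```

The second and third rows change the same column of the same table; only the workflow function id separates them. Rows that resolve to no function are worth reporting as well, since they indicate either an incomplete catalogue or a write path (for example a direct database change) that bypassed the application's functions.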
In addition, this study only creates the place notation in Petri-Net for the operations that affect the data (i.e., INSERT, UPDATE, DELETE). Many DBMS cannot log the SELECT command because one SELECT command may involve many tables. However, the SELECT command is important for the access control issue. A DBMS should ideally be able to record the SELECT command. Such a complete database log can improve the quality of the business process gap detecting mechanism.
This study illustrates not only the importance of meta-data such as the transaction log for auditing, but also that some DBMS logs are insufficient as audit evidence. Thus, we suggest that alternative theories of IS and auditing may be needed to address important internal control and audit issues.
Acknowledgments
The work presented in this paper has been supported by the National Science Council, Taiwan, R.O.C., under Grant No. 97-2410-H194-074-MY3. The authors deeply appreciate their financial support and encouragement. In addition, the authors wish to thank Dr. Hartmut Juergen Will for his advice for improvement.
References
[1] W.M.P. van der Aalst, Formalization and verification of event-driven process chains, Information and Software Technology 41 (10) (1999) 639–650.
[2] W.M.P. van der Aalst, Matching observed behavior and modeled behavior: an approach based on Petri nets and integer programming, Decision Support Systems 42 (3) (2006) 1843–1859.
[3] W.M.P. van der Aalst, H.A. Reijers, A.J.M.M. Weijters, B.F. van Dongen, A.K. Alves de Medeiros, M. Song, H.M.W. Verbeek, Business process mining: an industrial application, Information Systems 32 (5) (2007) 713–732.
[4] M. Alavi, P. Carlson, A review of MIS research and disciplinary development, Journal of Management Information Systems 8 (4) (1992) 45–62.
[5] M. Alles, G. Brennan, A. Kogan, M.A. Vasarhelyi, Continuous monitoring of business process controls: a pilot implementation of a continuous auditing system at Siemens, International Journal of Accounting Information Systems 7 (2) (2006) 137–161.
[6] T. Andrews, F. Curbera, H. Dholakia, Y. Goland, J. Klein, F. Leymann, K. Liu, D. Roller, D. Smith, S. Thatte, I. Trickovic, S. Weerawarana, Business Process Execution Language for Web Services, 2003, http://ifr.sap.com/bpel4ws.
[7] C. Badica, A. Badica, V. Litoiu, A new formal IDEF-based modelling of business processes, Proceedings of the First Balkan Conference in Informatics, 2003.
[8] A.D. Bailey, G.L. Duke, J. Gerlach, C. Ko, R.D. Meservy, A.B. Whinston, TICOM and the analysis of internal controls, The Accounting Review LX (2) (1985) 186–201.
[9] H.G. Baker, Petri nets and languages, Computation Structures Group Memo 68, Project MAC, MIT, Cambridge, Mass., 1972.
[10] G. Booch, J. Rumbaugh, I. Jacobson, The Unified Software Development Process, Addison-Wesley, 1999.
[11] R.L. Braun, H.E. Davis, Computer-assisted audit tools and techniques: analysis and perspectives, Managerial Auditing Journal 18 (9) (2003) 725–731.
[12] J.W. Bryans, M. Koutny, P.Y.A. Ryan, Modeling Opacity Using Petri-Nets, Electronic Notes in Theoretical Computer Science, vol. 121, 2005, pp. 101–115.
[13] J.J. Champlain, Auditing Information Systems, 2nd ed., John Wiley & Sons, 2003.
[14] S. Chan, Sarbanes–Oxley: the IT dimension, The Internal Auditor 61 (1) (2004) 31–33.
[15] C.L.Y. Chou, T. Du, V.S. Lai, Continuous auditing with a multi-agent system, Decision Support Systems 42 (4) (2007) 2274–2292.
[16] J.A. Christensen, J.R. Byington, The computer: an essential fraud detection tool, Journal of Corporate Accounting & Finance 14 (5) (2003) 23–27.
[17] Computer Security Institute (CSI) and San Francisco Federal Bureau of Investigation's (FBI) Computer Intrusion Squad, 2005 Computer Crime and Security Survey, 2005, http://www.GoCSI.com.
[18] R.J. Daigle, T. Kizirian, L.D. Sneathen Jr., System controls reliability and assessment effort, International Journal of Auditing 9 (1) (2005) 79–90.
[19] S.V. Grabski, S.A. Leech, Complementary controls and ERP implementation success, International Journal of Accounting Information Systems 8 (1) (2007) 17–39.
[20] S.M. Groomer, U.S. Murthy, Continuous auditing of database applications: an embedded audit module approach, Journal of Information Systems 3 (2) (1989) 53–69.
[21] J.H. Harrington, E.K.C. Esseling, H. van Nimwegen, Business Process Improvement Workbook: Documentation, Analysis, Design, and Management of Business Process Improvement, McGraw-Hill, New York, 1998.
[22] A.R. Hevner, S.T. March, P. Jinsoo, S. Ram, Design science in information systems research, MIS Quarterly 28 (1) (2004) 75–106.
[23] T. Hoffman, Sarbanes–Oxley sparks forensics apps interest: vendors offer monitoring tools to help identify incidents of financial fraud, Computer World 38 (2004).
[24] ISACA Standards Board, Continuous auditing: is it fantasy or reality? Information System Control Journal 5 (2002) 43–46.
[25] Y.C. Juan, C.O. Yang, Systematic approach for the gap analysis of business processes, International Journal of Production Research 42 (7) (2004) 1325–1364.
[26] G. Keller, T. Teufel, SAP R/3 Process Oriented Implementation, Addison-Wesley, 1998.
[27] C.H. Kim, D.S. Yim, R.H. Weston, An integrated use of IDEF0, IDEF3 and Petri-Net methods in support of business process modeling, Journal of Process Mechanical Engineering 215 (4) (2001) 317–329.
[28] I. Koch, B.H. Junker, M. Heiner, Application of Petri-Net for modeling and validation of the sucrose breakdown pathway in the potato tuber, Bioinformatics 21 (7) (2005) 1219–1226.
[29] P.T. Lee, K.P. Tan, Modeling of visualised data-flow diagrams using Petri net model, Software Engineering Journal 7 (1) (1992) 4–12.
[30] K. Lee, H. Jeong, C. Park, J. Park, Construction and performance analysis of a Petri-Net model based on a functional model in a CIM system, International Journal of Advanced Manufacturing Technology 23 (1–2) (2004) 139–147.
[31] R. Liu, A. Kumar, W. van der Aalst, A formal modeling approach for supply chain event management, Decision Support Systems 43 (3) (2007) 761–778.
[32] Lumigent.com, http://www.lumigent.com/ (2005).
[33] H.K. Meena, I. Saha, J.K. Mondal, T.V. Prabhakar, An approach to workflow modeling and analysis, Proceedings of the Institution of Mechanical Engineers Part E: Journal of Process Mechanical Engineering 215 (4) (2001) 317–329.
[34] R.D. Meservy, A.D. Bailey, P.E. Johnson, Internal control evaluation: a computational model of the review process, Auditing: A Journal of Practice & Theory 6 (1) (1986) 44–74.
[35] Microsoft.com, MSDN: Introduction to Transaction Logs, 2005, http://msdn2.microsoft.com/en-us/library/ms190925.aspx.
[36] J.L. Mooney, H.W. Harrell, S.E. Ludwig, Audit software that helps your company stop fraud, Journal of Corporate Accounting & Finance 11 (4) (2000) 17–23.
[37] T. Murata, Petri-Nets: properties, analysis and applications, Proceedings of the IEEE 77 (4) (1989) 541–580.
[38] Oracle.com, Oracle Database Concepts 10g Release 2 (10.2) B14220-02, 2005, http://download-west.oracle.com/docs/cd/B19306_01/server.102/b14220/toc.htm.
[39] M. Petterson, The keys to effective IT auditing, Journal of Corporate Accounting & Finance 16 (5) (2005) 41–46.
[40] Z. Rezaee, R. Elam, A. Sharbatoghlie, Continuous auditing: the audit of the future, Managerial Auditing Journal 16 (3) (2001) 150–158.
[41] Z. Rezaee, A. Sharbatoghlie, R. Elam, P.L. McMickle, Continuous auditing: building automated auditing capability, Auditing 21 (1) (2002) 147–163.
[42] P. Rob, C. Coronel, Database Systems: Design, Implementation, and Management, 6th ed., Course Technology, 2004.
[43] M.B. Romney, P.J. Steinbart, Accounting Information Systems, 10th ed., Prentice Hall, 2005.
[44] P. Sarbanes, G. Oxley, Sarbanes–Oxley Act of 2002, 2002.
[45] T. Schattkowsky, UML 2.0 overview and perspectives in SoC design, Proceedings of the Design, Automation and Test in Europe Conference and Exhibition, 2005, pp. 823–833.
[46] A.W. Scheer, ARIS: Modellierungsmethoden, Metamodelle, Anwendungen, Springer, 2001.
[47] O. Turetken, D. Schuff, R. Sharda, T.T. Ow, Supporting systems analysis and design through fisheye views, Communications of the ACM 47 (9) (2004) 72–77.
[48] J.D. Ullman, J.D. Widom, A First Course in Database Systems, 2nd ed., Prentice Hall, 2002.
[49] S.A. White, Business Process Modeling Notation (BPMN) Version 1.0, 2004, http://BPMI.org.
[50] Wikipedia, Petri net, 2009, http://en.wikipedia.org/wiki/Petri_net.
[51] G.C. Williams, Implementing SAP Sales and Distribution, McGraw-Hill, New York, 2000.
[52] J.L. Whitten, L.D. Bentley, K.C. Dittman, Systems Analysis & Design Methods, 7th ed., McGraw-Hill, 2005.
[53] S. Wright, A.M. Wright, Information system assurance for enterprise resource planning systems: unique risk considerations, Journal of Information Systems 16 (1) (2002) 99–113.
[54] A.W.L. Yao, H.T. Liao, J.S.C. Chi, S.S. Peng, A Petri-Net based offline simulation and online diagnostic platform for manufacturing systems, Journal of the Chinese Institute of Industrial Engineers 22 (1) (2005) 64–75.
[55] R.K. Yin, Case Study Research: Design and Methods, 3rd ed., Sage Publications, 2003.
[56] Y.C. Yu, W.H. Chen, K.P. Liu, Integration of EPC and a modularized colored Petri-Net through events for agile manufacturing cell control, Proceedings of the 2004 IEEE International Conference on Networking, Sensing & Control, 2004.
[57] American Institute of Certified Public Accountants, Amendment to Statement on Auditing Standards No. 31, Evidential Matter, Statement on Auditing Standards No. 80, AICPA, New York, 1996.
[58] C.A. Petri, Communication with Automata, Griffiss Air Force Base Technical Report RADC-TR-65-377, 1 (1) (1966).

Shi-Ming Huang received his PhD degree at the School of Computing and Information Systems, University of Sunderland, U.K. He is currently a Professor in the Information Management Department and Director of the Center of Manufacturing and Commerce Automation at National Chung Cheng University, Taiwan. Before joining the university faculty, he was head and associate professor at the Department of Information Management, Tatung University, Taiwan. He was also director of the center for commerce automation for the north region of Taiwan for the Ministry of Education, Taiwan. He has published several books and papers in the fields of information systems and has acted as a consultant for a variety of Taiwan government departments, software companies and commercial companies.
David C. Yen is currently Jennifer E. Petters Chair in Asia Business and Professor of MIS in the Department of Decision Sciences and Management Information Systems at Miami University. He held the Raymond E. Glos Professorship in Business from 2005 to 2007 and was department chair from 1995 to 2005. After receiving his PhD in MIS and MS in Computer Sciences in 1985, Professor Yen has been active in research. He has published books and articles which have appeared in Communications of the ACM, Decision Support Systems, Information & Management, Information Sciences, Computer Standards and Interfaces, Information Society, Omega, International Journal of Organizational Computing and Electronic Commerce, and Communications of AIS, among others. Professor Yen's research interests include data communications, electronic/mobile commerce, and systems analysis and design.
Yu-Chung Hung is an associate professor in the Accounting and Information Technology Department at National Chung Cheng University, Taiwan, R.O.C. He was awarded his Ph.D. degree from the University of Missouri-Rolla in 1995. His major fields of interest are Information System Adoption/Implementation/Integration and Knowledge Management. His research works have appeared in journals such as Decision Support Systems, Journal of Computer Information Systems, Industrial Management and Data Systems, International Journal of Computer Applications Technology, and International Journal of Advanced Manufacturing Technology, among others.
Yen-Ju Zhou received the MS degree from the Department of Information Management of National Chung-Cheng University. Mr. Zhou's research focuses on Computer-Assisted Audit Techniques and Tools, IT Auditing and IT Governance.
Jing-Shiuan Hua is currently pursuing her PhD in MIS in the Department of Information Management at National Chung-Cheng University. She was a member of the National Chung-Cheng University Center for e-Manufacturing and e-Commerce. Ms. Hua's research interests include databases, web design, and systems analysis and design.
