In addressing control deficiencies, auditors increasingly rely on data analytics. Despite the need to align information presentation with auditors’ cognitive structures, scant scholarly attention is given to how auditors internally categorize process deviations. This study investigates experienced auditors’ categorization of 62 deviations, revealing three primary categories: missing, reordered, and duplicated activities. These insights inform the development of active-learning algorithms, aligning with auditors’ knowledge structures to mitigate redundant processing risks. Blindly adopting process management research outcomes, however, poses a risk to auditing quality, impacting both effectiveness and efficiency in risk assessment and control testing. This research highlights the importance of validating and aligning deviation categories with auditors’ nuanced interpretations to enhance audit tools’ efficacy.