Anomaly detection plays a crucial role in process mining, which is the analysis of event logs to discover, monitor, and improve business processes. In the context of IT networks, process mining can be used to analyze the sequences of events that occur during network operations, such as system logs, user activities, and transaction records.

Anomaly detection in process mining involves identifying unusual patterns or deviations in these event sequences that do not conform to the expected or normal behavior. These anomalies could indicate potential security threats, such as a malicious insider attempting to access sensitive data or a cyber attacker exploiting a vulnerability in the network.

The impact of anomaly detection in process mining on operational security for IT networks is significant. By identifying anomalies in real-time or near real-time, organizations can respond quickly to potential security incidents, minimizing the damage and reducing the risk of data breaches. Anomaly detection can also help in proactive security measures, such as improving network configurations, enhancing access controls, and updating security policies based on the insights gained from process mining.

Moreover, anomaly detection in process mining can support compliance efforts by providing evidence of adherence to security standards and regulations. It can also aid in incident investigation and forensic analysis by providing detailed logs and traces of network activities.

However, it's important to note that anomaly detection is not a silver bullet for network security. It should be used as part of a broader security strategy that includes other measures such as intrusion detection/prevention systems, firewalls, and regular security audits. Additionally, the effectiveness of anomaly detection depends on the quality of the event data and the accuracy of the models used to define normal behavior.

In conclusion, anomaly detection in process mining can significantly enhance operational security for IT networks by enabling early detection and response to potential threats, supporting proactive security measures, aiding compliance efforts, and facilitating incident investigation.