Separation of Duties (SoD) Administrators can create policies to enable Identity Governance to look for users and accounts holding too much access. Identity Governance creates cases when it finds violations, and policy owners review the cases and approve or resolve the violations.
Section 20.2, Understanding the Separation of Duties Policy Options
Section 20.3, Creating and Editing Separation of Duties Policies
Section 20.4, Downloading and Importing Separation of Duties Policies
Section 20.5, Creating and Assigning Separation of Duties Approval Policies
Section 20.6, Configuring SoD Violation Options for Technical Roles