Separation of Duties (SoD) Administrators can create policies to enable Identity Governance to look for users and accounts holding too much access. Identity Governance creates cases when it finds violations, and policy owners review the cases and approve or resolve the violations.
Section 19.2, Understanding the Separation of Duties Policy Options
Section 19.3, Creating and Editing Separation of Duties Policies
Section 19.4, Downloading and Importing Separation of Duties Policies
Section 19.5, Creating and Assigning Separation of Duties Approval Policies
Section 19.6, Configuring SoD Violation Options for Technical Roles