Once a user has been given too much access in the system you hope they do not abuse it before it has been identified and resolved through compliance reporting.

It is one thing to run detective-based reports to identify compliance violations after they have been given to users, but another entirely to stop those violations before they happen.  This month we will look at how to identify roles that cause SoD violations and options for controlling the assignment of those roles so you can prevent SoD issues rather than spend time hunting them down.