Proper and clean design of authorization roles is a pre-requisite for managing segregation of duties in SAP authorizations
a) Not correct – with additional tooling like SAP GRC Access Control SOD’s can be managed regardless how messy the authorization roles are;
b) Not correct – if too many clean roles are assigned to a user, still segregation of duties may be violated
c) Correct – if segregation of duties are violated inside the role design that no way users can be authorized without incurring SOD violations;
d) Correct – if roles are properly designed then automatically the users assigned to these roles are free of SOD violations