Hi Nora,
Good practice is to set up each function in your rule set as a critical action or critical permission in order to avoid unnecessary, undesired and long conversations about SoD-conflicts while discussing the risk analysis results.
It is easier to determine if someone should be able to create a purchase order than to discuss all the SoD-conflicts in which PO maintenance plays a role. Removing sensitive access from a user/role will immediately lead to a reduction of unique SoD-conflicts. The data in the critical action and permission reports are also shorter.
Best regards
Tiede-Jan