We use a tool/Application(ALLOUT) to get a report on SOD conflicts based on the security roles. We certainly have few roles where there are SOD violation, and we have some mitigation controls ( where manual or system ). Is there a way to see if any of those SOD violation actually happen within the system to ensure the mitigation controls were effective.