The terms SoD Violation and SoD Case are sometimes used interchangeably. Both refer to a specific user or account violating a specific SoD policy. However, Identity Governance can detect an actual SoD violation multiple times because of the variety of events that trigger SoD violation detection. For example, publishing identities and accounts, creating, changing, or deleting roles all trigger SoD violation detection. Identity Governance creates a new SoD violation record for each of those detections and also notifies the SoD Policy Owner of these violations. All represent the same SoD violation, with different detection times.
An SoD case is the entity that tracks all of the information about an SoD violation, including all of the times the violation was detected. It also keeps track of the actions which users have taken with respect to the violation (approve, resolve). An SoD case is closed when Identity Governance no longer detects the violation. In a sense, an SoD case is the history of an SoD violation from the time it is first detected to the time it is no longer detected.