Segregation of Duties (SOD) can be seen as one major class of control activities within a company's Internal Control framework, contributing to the reliability of financial reporting. In recent years, SOD controls in terms of user access rights have experienced a surge of attention in particular, mostly due to the growing reliance of business processes on ERP systems. This paper presents a method for automatically identifying SOD conflicts in user access rights as one component of a continuous compliance monitoring framework. The paper further demonstrates the application of the proposed method in a real world project.