Note 1600667 - SoD - How to do this:Permissions are different, can segregated by security?

Hi experts,

Can you please give examples how you have done the segregation by security? Our customer is going thru user level risk remediation phase and we have problems to "clean" risk H017 and transaction PT60. This risk and transaction is mentioned in note 1600667 Transactions that conflict with themselves. So can someone please give examples or hints how to segregate this by security?