roles to replace SAP_ALL and SAP_NEW

Dear Experts,

We are a small SAP shop, so our BASIS person is responsible for various Admin functions in the system.

I need to create a role for BASIS Admin. I tried to use SAP_ALL to start with, then to inactivate parts of it. It works from the security point of view (although it is a lot of work), but it does not give me a list of transactions and therefore makes it difficult to maintain going forward.

I searched multiple old threads, but was unable to obtain a clear answer.

Will it be considered acceptable (<i>i.e. a good practice</i>) to just gather list of transactions which, in my opinion, (possibly by combining transactions from SAP supplied standard roles) BASIS Admin needs and then add/remove additional ones as need arise?

Please, advise.

Thanks in advance

Galina