Restrict user access to SAP, just for administrator

Hi:

We've been claimed a lot of times by the functional modules, that in certain periods, close the access to all excepto certain people to do "critical" operations and preventing that anyone else can do something else.

In these cases, we block almost all users, through SU01, but it is archived and appears in the change history of users.

Does anyone else know another form to restrict the access to a SAP system, just for a list of personas?

We will appreciate your comments, regards!!