Authorization Object

Hi Sap Experts,

Is there a way to separate the access of authorization object in its tcode?. The scenario is both tcodes FV60 and F-44 uses the same authorization object "F_BKPF_KOA" .

here is the requirements:

FV60 - disable write/generate

F-44 - enable write/generate

Both tcode are included in one role in PFCG. If I run one FV60 user can still access the create because of authorization given to F-44 which is write (VICE VERSA)

Thank you in advance.

Regards,

Joel