What is SAP best practice for SU24 "no check" indicators

Hi Experts,

Let's say during testing if we find a t-code needs some authorization objects for end to end execution, and those objects are maintained as "CHECK" "NO" in USOBX_C.

Please suggest the best practice...

Should we change the proposal in USOBX_C to "CHECK" "YES" and populate specific values in USOBT_C or we can insert those authorization objects manually in the roles without changing proposals??

As far as I know, it makes upgrade activities more difficult when there is more customization in these tables....However manual insert of auth objects are not impacted during upgrade and also any SU24 maintenance of custom t-codes.

Thanks,

Deb

Edited by: Julius Bussche on Feb 8, 2012 10:31 AM

Subject title made more meaingful.