Derived role - All plants - best practice?

Question: We have many roles on our system derived by plant. So, if we have 15 plants, we will have 15 plant derived roles, plus one for 'all plants', because some of our users will inevitably need all plants.

We were told my our consulting partner that the 'all plants' role should have the plant values entered as discrete values in the org hierarchy section. Don't use ranges, or asterisk. Each plant should be plugged in separately.

So, every time we add a new plant, each "all plant" role has to be altered.

Is there really a problem with putting an asterisk in plant field for the "all plant" roles?

Answer:
Ranges and asterisks are quite appropriate for NON ACTIVITY FIELDS, those that do not what them are using SE16 and the raw table to find info whic is ok but should NEVER be used as a foundation for "taking the answer to the bank" us the reports.
Your task is to Keep it simple and minimize long-term maintenance. If the intent of the role is to be ALL the make it all with an asterisk and minimize you need for change evertime a new plant is presented. You are not hired to make life easy for the consultant, but to minimize the rought exercises so you can concentrate on more added-value analysis, not entering unique plant when a range or asterisk will work.

Answer:
One of the detractions of using * value in restrictors such as plant is that unless you have cleansed obsolete values by removing non-used plants (for example) users can in frequent moments of madness can enter incorrect plant data. Often this will not progress all the way through the transaction but costs time and resource to diagnose and make amends.

If you have removed all extraneous plants from config then your risk is mitigated.

Answer:
Thanks for your responses, we shouldn't have extraneous plants, that is kept clean.

Stars it is! (unless someone can rebut these folks)

Answer:
Thanks for your responses, we shouldn't have extraneous plants, that is kept clean.

Stars it is! (unless someone can rebut these folks)

Make sure you have documented the possible risks of this approach & how you have mitigated them. The auditors WILL moan about this but if you can demonstrate you have mitigated the risks then they will have to accept it.