Best practice in users and permissions in enterprise

What is the way - best practice - to manage users and permissions in enterprise?
To my humble experience, I think it is as follows:
Three users.

  1. User to create users.
  2. User to assign roles to user.
  3. User to control user permission manager.

What do you think?
Please share your experience here.


All 3 three cases would be done by an administrator with the system manager status.
Use Roles and permissions to define each user and groups ie AR,AP etc

1 Like

I know that, but is this way best practice?

Use Role permission management for each user