I would suggest that it would be a real improvement to the tool to allow, in places where "Required Role" controls access to Menu Items, Dashboards, Applications, etc., the ability to list multiple roles as having access to that given item. It currently does not do this but this tpe of role assignment is pretty standard in terms of security. 

The way the application works today if I want to have a menu item that is NOT available to all roles, I have to secure it with a specific role. Lets say I have a Business View with an attached Form I want to control access to. I create Business View and then secure access via the Business View and therefore access to the Form (I could alternately allow all access to the Business View and control access to the Action set actions on the form as well). 

If I now assign Business View access to "Steward A", and later I want "Steward B" to be able to access the same Business View or Action Set items, I have to create a duplicated View and Form (and maybe Action Set)....all to allow one other role to use this functionality. This does not work well to assign permissions as it requires slightly different permission profiles to have completely different application components built just for them from a permissions standpoint. It would be far simpler to allow multiple Roles per function in the application than it is for folks to maintain many versions of these different objects for different Roles, instead having developers using Semarchy manage potentially a lot more security complexity and maintenance just because they want a richly defined (and not super corase grained) permission model. 

I think that the places and granularity of where the control hooks for access permissions have been provided are pretty good (application icon on Welcome screen, left menu items, action sets, etc.). Having the ability to put multiple Roles on those hooks makes sense and eliminates a lot of work on the part of developers. 

Thanks!