Identify the various authorized tasks to be performed by users. Group closely related tasks. Groupings can be based on any
organizational structure - departmental, functional, and so on. Assign a name to each grouping. These groupings are the roles you will create.
Identify the system privileges and object-level privileges required to perform each task that has been identified.
Identify the users that need to perform the various authorized tasks, including those who will require the roles you are going to create.
(Optional) Identify administrators for the roles you are going to create. Administrators can grant and revoke the role to other users.
(Optional) Identify administrators for the system privileges and object-level privileges that are not part of the roles you
will be creating.