Emergency Access Management users include administrators, owners, controllers, and firefighters.

 The table below describes each role along with their corresponding delivered roles and authorizations.

Role Type	Description	Delivered Role
Administrator	Administrators have full access to Emergency Access Management. They assign Firefighter IDs, manage data tables, run reports, and ensure the Reason Code table is up to date. They can also enable email notifications for Controllers.	SAP_GRAC_SUPER_USER_MGMT_ADMIN
Note: In decentralized firefighting, administrators must create this role on relevant plug-in systems and assign authorization object /GRCPI/001 with ACTVT field value as 70 or *.
Owner	Owners assign Firefighter IDs to Firefighters and designate Controllers. They can view assigned Firefighter IDs but cannot assign them to themselves.	SAP_GRAC_SUPER_USER_MGMT_OWNER
Note: For decentralized firefighting, owners must create this role on relevant plug-in systems and assign authorization object /GRCPI/001 with an empty ACTVT field value.
Controller	Controllers oversee Firefighter ID usage by reviewing log reports and receiving email notifications on Firefighter ID logins.	SAP_GRAC_SUPER_USER_MGMT_CNTLR
Firefighter	Firefighters use Firefighter IDs to perform authorized tasks during emergency situations.	SAP_GRAC_SUPER_USER_MGMT_USER
Note: For decentralized firefighting, Firefighters must have authorizations to use transactions /GRCPI/GRIA_EAM and SU53 on relevant plug-in systems.
Firefighter ID	The assigned role SAP_GRAC_SPM_FFID converts a user ID into a Firefighter ID, enabling remote logon.	SAP_GRAC_SPM_FFID
Note: This role is applicable only for ID-based firefighting and requires authorization object S_RFC.

This version keeps the information structured, easy to read, and clear while retaining all critical details. Let me know if you need further refinements! 🚀