Generic business templates will have to contain security for 5A roles in workflows (states security and transitions).
In ERP5 Security model, security is splitted in two parts, one is to have 5
generic roles, and to use workflows to define security for thoses 5 generic
roles (and in some cases also Owner or Anonymous roles), the second part of
security definition is to define the mapping between specific business rules
based on documents categories or user assignments ( usually group, site and
function ) and those roles.