For example, you might want to define an assigner privilege as well as an assigner attribute, where the assigner privilege is used for both state and transition privilege security, and the assigner attribute is used both for tracking the assigner and for attribute security. That is, only the person who assigned the CR can modify a specified set of attributes or perform a transition.
Create your CR process and lifecycles. Then, experiment with them in a test area until you are satisfied that the CR process meets your needs.
Finally, install the CR process in your production area.