Here are some examples which may provide a clearer view of what I mean.
|Roles and Profiles||User ID|
(Profiles ##: T-D3060077, T-D30600771)
(Profiles ##: T-D3060644, T-D3060076)
Consequently, when a large role has too many authorizations for one profile, a second profile is generated and assigned. This is merely a technical feature. Your auditors should focus their evaluation on the roles assigned. There are other technical considerations, but this answer should be sufficient for almost all situations.
This was first published in April 2009