Our audit team is requiring the use for AUTHORITY-CHECK in customized ABAP programs. I'd like to check if you have any sample code or tips regarding this matter.
I would create one security 'include' that provides for a number of different business scenarios. I would then use this 'include' for all program authorizatrion checks, calling only the authorization fields necessary to be checked for each program.
In the long run, this will minimize the places that you will have to review code during an upgrade and ensure more consistent coding standards in programs.