Security Permission check conventions/ best practices

Hi,
A question on current accepted best practices for Permission check in CRUD
services. I see the service createPartyRole checks for _ROLE_CREATE in Party
component. In most of the recent development I see _CREATE required instead
of entity specific like _ROLE_CREATE.

I thought to spend sometime to modernize the createPartyRole and
deletePartyRole services, I mean rewrite them in simple method. I am not
sure what kind of security permission check should I use.

Any thoughts!

Regards
Anil Patel