You are on the right track, except that ideally you should first have training and then administrate the system.
ADM100 will make assumptions that you have enough authorizations and introduce the concept briefly to you. But it is not authorization admin training.
Even as an authorization admin or application support, you will need to navigate to the application help of the transaction and ideally also understand the "module", the business process and the design concept of whether to build a new role, assign and existing one or enhance an existing one. Otherwise you soon have a mess.
To avoid a "mess" of questions on SCN as well, I suggest that you first do the training, then use the search (like we all do - yes it is complex software with lots of options) and if something has a discussion value then open discussions on SCN.
In this case object S_LOG_COM (see tcode SU21) will show up next in the authorization errors (probably) and reading the documentation on the object will help you further. Reading about parameter transactions and SU24 proposals for the exact field values of S_LOG_COM needed will round it off to keep you on the guru track.
Hope that is ok for you how to proceed further.
Cheers,
Julius
(SCN Security Area Moderator)