There are many scenarios where setting up security within Dynamics 365 for Finance and Operations (D365FO) should be straight forward, but it isn't. One of those scenarios that is asked about frequently is around creating a View Only role (a role that only has view access to all objects in the system). There are many reasons that a view only role would be needed within D365FO:
Executive/Upper Management users who need access to view information but should not be able to transact in the system
Internal/External audit users who need to validate reports and policies/procedures
To make things easier this download includes the security layers needed to create them.