/etc/security/access.conf on the target serer depends on the PAM behavior?

Document ID : KB000124325
Last Modified Date : 10/01/2019
Show Technical Document Details
I modified the following settings on each Linux server for the PAM's permission configuration on Oct 2018. 

Config file : /etc/security/access.conf 
Changed content : - : root : ALL EXCEPT <IP Address> 

by this change, it was not able to run the cron. As the workaround, he modified this file as follows. 

Config file : /etc/security/access.conf 
Changed content : + : ALL : cron 

Question1) Is there any effect to the PAM behavior by adding the cron permission? 
Question2) As a similar case, is there any KB that is better to add the other permission, not only cron, to the access.conf?
CA Privileged Access Manager r3.x
There is not a similar case in a past. We think any problem will not occur.