Question:
Is there any good document that explains a step-by-step approach from providing BW security to a hierarchy based on say cost center or org unit,etc.
Answer:
In short: No (or I have not found it), but there are some documents SAP provides, such as a 'How To...' paper. If you search the BW forum, you will find references and tips on this topic -- search, there and elsewhere, for 0TCTAUTHH.
There are some pitfalls that SAP does not highlight, such as unintuitive behaviour related to whether the hierarchy is active in reporting, and the interaction of the node and characteristic authorizations: e.g.
0TCTAUTHH = MyNode & 0COSTCENTER = * gives access to all cost centers, as does 0TCTAUTHH = * & 0COSTCENTER = C001
My advice would be to have your BW developers add a copy of cost center as a 'navigable attribute' (reference characteristic) of cost center specifically for maintaining authorizations. This may sound odd, but it gives you the ability to control whether a hierarchy affects authorizations, and if so which one, irrespective of the use of hierarchies that are active in reports. -- You will only understand the wisdom of this advice after you have ignored it