In 1996, Chiu and Hsu proposed a multi-role-based access control (MRBAC) policy. Nevertheless, the Chiu-Hsu scheme can be further enforced by role list, union, and intersection (i. e. containment) to deal with the problems regarding the MRBAC and the object role with different security ranks. The author presents an improvement of the Chiu-Hsu scheme using more detailed list structure. This improvement offers some significant advantages.