diff --git a/src/modules/create_user/app/create_user_controller.py b/src/modules/create_user/app/create_user_controller.py
index 5f98de4..658d795 100644
--- a/src/modules/create_user/app/create_user_controller.py
+++ b/src/modules/create_user/app/create_user_controller.py
@@ -8,7 +8,7 @@
 from .create_user_usecase import CreateUserUsecase
 from src.shared.helpers.errors.controller_errors import MissingParameters
 from src.shared.helpers.errors.domain_errors import EntityError
-from src.shared.helpers.errors.usecase_errors import DuplicatedItem, InvalidCredentials
+from src.shared.helpers.errors.usecase_errors import DuplicatedItem, ForbiddenAction, InvalidCredentials
 from src.shared.helpers.external_interfaces.external_interface import IRequest, IResponse
 from src.shared.helpers.external_interfaces.http_codes import BadRequest, InternalServerError, Conflict, \
     Created, Forbidden, Unauthorized
@@ -69,5 +69,8 @@ def __call__(self, request: IRequest) -> IResponse:
         except EntityError as err:
             return BadRequest(body=f"Parâmetro inválido: {err.message}")
         
+        except ForbiddenAction as err:
+            return Forbidden(body=err.args[0])
+        
         except Exception as err:
             return InternalServerError(body=err.args[0])
diff --git a/src/modules/get_all_users/app/get_all_users_controller.py b/src/modules/get_all_users/app/get_all_users_controller.py
index 91c062a..fc27707 100644
--- a/src/modules/get_all_users/app/get_all_users_controller.py
+++ b/src/modules/get_all_users/app/get_all_users_controller.py
@@ -3,9 +3,9 @@
 from .get_all_users_viewmodel import GetAllUsersViewmodel
 from src.shared.helpers.errors.controller_errors import MissingParameters
 from src.shared.helpers.errors.domain_errors import EntityError
-from src.shared.helpers.errors.usecase_errors import InvalidCredentials, InvalidTokenError, NoItemsFound
+from src.shared.helpers.errors.usecase_errors import ForbiddenAction, InvalidCredentials, InvalidTokenError, NoItemsFound
 from src.shared.helpers.external_interfaces.external_interface import IRequest, IResponse
-from src.shared.helpers.external_interfaces.http_codes import OK, BadRequest, InternalServerError, Unauthorized
+from src.shared.helpers.external_interfaces.http_codes import OK, BadRequest, Forbidden, InternalServerError, Unauthorized
 
 
 class GetAllUsersController:
@@ -27,6 +27,9 @@ def __call__(self, request: IRequest) -> IResponse:
         
         except MissingParameters as err:
             return BadRequest(body=f"Parâmetro ausente: {err.message}")
+        
+        except ForbiddenAction as err:
+            return Forbidden(body=err.args[0])
 
         except Exception as err:
             return InternalServerError(body=err.args[0])
\ No newline at end of file
diff --git a/src/modules/get_all_users/app/get_all_users_usecase.py b/src/modules/get_all_users/app/get_all_users_usecase.py
index b111aa8..9f1c012 100644
--- a/src/modules/get_all_users/app/get_all_users_usecase.py
+++ b/src/modules/get_all_users/app/get_all_users_usecase.py
@@ -12,7 +12,7 @@ def __init__(self, repo: IUserRepository):
     def __call__(self, requester_role: ROLE) -> List[User]:
 
         if requester_role != ROLE.ADMIN_COLLABORATOR:
-            raise ForbiddenAction("Usuário não tem permissão para criar usuários")
+            raise ForbiddenAction("Usuário não tem permissão para listar usuários")
         
         users_response = self.repo.get_all_users()
 
diff --git a/src/modules/update_user/app/update_user_controller.py b/src/modules/update_user/app/update_user_controller.py
index 45e629e..0cdded2 100644
--- a/src/modules/update_user/app/update_user_controller.py
+++ b/src/modules/update_user/app/update_user_controller.py
@@ -5,9 +5,9 @@
 from src.shared.domain.enums.groups_enum import GROUPS
 from src.shared.helpers.errors.controller_errors import MissingParameters
 from src.shared.helpers.errors.domain_errors import EntityError
-from src.shared.helpers.errors.usecase_errors import InvalidCredentials, InvalidTokenError, NoItemsFound
+from src.shared.helpers.errors.usecase_errors import ForbiddenAction, InvalidCredentials, InvalidTokenError, NoItemsFound
 from src.shared.helpers.external_interfaces.external_interface import IRequest, IResponse
-from src.shared.helpers.external_interfaces.http_codes import OK, BadRequest, InternalServerError, Unauthorized
+from src.shared.helpers.external_interfaces.http_codes import OK, BadRequest, Forbidden, InternalServerError, Unauthorized
 
 
 class UpdateUserController:
@@ -70,5 +70,8 @@ def __call__(self, request: IRequest) -> IResponse:
         except InvalidTokenError as err:
             return Unauthorized(body="Token inválido ou expirado")
         
+        except ForbiddenAction as err:
+            return Forbidden(body=err.args[0])
+        
         except Exception as err:
             return InternalServerError(body=err.args[0])
\ No newline at end of file
diff --git a/src/shared/domain/enums/groups_enum.py b/src/shared/domain/enums/groups_enum.py
index 4b90c07..eb72e25 100644
--- a/src/shared/domain/enums/groups_enum.py
+++ b/src/shared/domain/enums/groups_enum.py
@@ -5,3 +5,4 @@ class GROUPS(Enum):
     GAIA = "GAIA"
     JUNDIAI = "JUNDIAI"
     FORMULARIOS = "FORMULARIOS"
+    RECAPE_SP = "RECAPE_SP"