Hi J,
I don't say this is the work around but our scenario is like this:
1. All users cannot request for Firefighter access as we disable this Request Type from end users.
2. Only few designated users will have access to raise Firefighter access request.
3. We have one basis FF ID and we maintained 2 controllers for it. They will request that Firefighter ID to access as Firefighter. So, FF Owner approves their requests.
4. As for Log review workflow, our customer also wants something similar that Controller should not approve his/her own FF Logs. This functionality is currently not available. Hence as a work around, if one Controller uses their FF ID as Firefighter another Controller for the same FF ID reviews the logs and viceversa.
If you want to avoid this, then 4013 and 4014 should be kept NO, so that this scenario doesn't occur. But it is our requirement and so we are using this workaround 
But there is a proposal to implement enhancement with the help of our ABAPer which is quiet possible and it is in progress.
Regards,
Madhu.