Implementing simplified security with Top Secret, here are the steps done: 

1. Set Security-Validation to USERDEF in the System Configuration member.

2. Verified OPTIONS parmlib member. 

3. Created a user-defined field in the FDT ACID and Added the field GSVUSER to the base segment. 

4. Permit user ACID (TSO ID) access to the user-defined field. 

Will every user have access to DEFAULT SYSVIEW internal security group ? 

or is it needed to permit every user  id /group in Top Secret  to have access to DEFAULT group ? 

Only users who you want to be assigned to a security group other than DEFAULT need to be permitted to the user defined field GSVUSER

(that has a value of the Security Group you want them to be in).

These ids must be removed from the "User IDs Section".