I am not able to understand the flow you describe here - but let me try explain what I regard as "best practice" when working with this.
The first and most import rule is that you should never change the same attribute in a Provisioning Policy and an Operational Workflow (and do try to use the Provisioning Policy Entitlement Workflow - in general that is a left over from previous times but left in there for backwards compatibility).
In most cases you should handle the problem in the Provisioning Policies. My guess is that you want some users having another value in the AD Description - so the problem is how to identify these users upfront before the Policy is executed. If this is something that can be deducted by their user data then you can create a dynamic role and create a Policy for that role with a higher priority (lower priority value :-)) that overrides the default value - ensure the attribute join directive is set to "priority".
If this is something that cannot be derived then you can create a static role for those users that drives the process.
The problem in this scenario is that you cannot have "mandatory value" for the default scenario and the "allow values" if you want to automate the process - and changing it in the Operation Account workflows is not an option as the value will be validate there as well.
HTH