After the universal settings are determined, it is important to identify the Groups of users who will access the system. Groups are roles-based collections of users. Seven default Groups (roles) are identified by Microsoft Project:
The default Groups are sufficient for most organizations. Remember, these are not necessarily the names that will be applied to the Groups but are the expected roles of users in your organization. Clarity around the roles users perform makes completing the security model easier and more successful.
Review these Groups to determine whether your user community fits into the defaults. Additional Groups can be identified as necessary. This collection of role-based information is used in the following sections to identify security templates and Groups as part of the security model.