Adrienne, I would love to see this (and voted for it), but not sure if you realize there is a way to sort of accomplish this now. It doesn't work for everyone since it essentially limits each person to one group whereas a true group solution would allow you to define the roles and put combinations of roles on an individual profile.

But what you can do is put a prefix in front of each person's user ID (we use a number here, but it can be whatever you want), then when you define security, define things based on those prefixes. For instance, assume one role is AP. They're going to cut checks, enter payables, etc. You can put a permission in place for the Print Checks process that is something like "npo,AP*" then anytime you add a user whose name begins with AP, they would already have the permission.

It's not perfect but it works for us about 90% or so of the time and has allowed me to get away from a lot of the individual permissions.