The following article is provided just as reference. It is not meant to be a "Best Practices" article but it provides some common articles used by Support while working/troubleshooting on Security Roles, Scoping and Permissions.
HOWTO25927 "What permissions are needed for Patch Management 7.X?"
HOWTO75175 "How do I add the ability to perform Patch Management Admin processes to an existing canned user?"
HOWTO21637 "How do I create and define a security role for scoping in Patch Management?"
Service Desk / PCAnywhere Solution
TECH196595 "RTSM isn't working with custom security role"
TECH155258 "How to Create a Security Role that Allows Users to Create Tasks"
Symantec Management Platform
TECH144089 "Adding domain users or groups to Notification Server (NS) security roles"
DOC1740 "Symantec Management Platform Security Privileges"
HOWTO62686 "About organizational views and groups"
HOWTO44205 "Design considerations for resource scoping"
HOWTO62740 "About resource security"
HOWTO63084 "Adding security roles as members of other security roles"
HOWTO62895 "Viewing and managing resources in an organizational group"
TECH147353 "Every morning Read and Execute permissions are missing for replicated items, making it look like the Security Role is being reset each night"
HOWTO42294 "Things to know regarding Replication of Security Objects"
TECH138409 "Security Role Replication inconsistent and not cleaning up obsolete roles"
HOWTO10792 "Can security role memberships be synchronized during hierarchy replication?"
TECH127524 "Security Roles disappeared and can no longer be seen in the console"
HOWTO9933 "How can I display or hide resource types in the default organizational view?"
HOWTO21673 "How do you add Scoping by Organizational Group to Raw SQL reports?"
HOWTO26188 "Creating an NS 7 Support Security Role"
HOWTO62785 "Predefined security roles"
HOWTO10110 "How can I create a Security Role in Notification Server 7 for users that need to run just reports?"
Symantec Connect articles:
Symantec Connect Videos: