Having a large deployment with several countries or regions implies difficulties to manage users.

It should be possible to have several security administrators who manage different areas (one or several countries).

One way to do so could be when 'Security administrator' role is set to a user on one or several companies, he can only grant roles for the set of companies he is allowed.