I support a campus that has both centralized and decentralized staff. Our heirarchy of groups is based on location. Location is determined by IP address.
Is it possible to create a security group and give them only the ability to assign owners to a system in their group?
If Locations were created based on IP address, then you already have an Organizational View (Assets by Location) that you can use.
Does this help?
You will find some best practices to do this security configuration on this tech: http://www.symantec.com/docs/TECH188388
The section Solution contain the general steps.More information about configuring security for the Symantec Management Platform can be found in its user guide starting on in Chapter 4: Configuring security, page 69: