Users, roles, and security groups are controlled at User Management.
Your site has at least one Security Group (typically the Default group), but there may be more than one. From all the available fields on your site, fields are assigned to a security group based upon the fields the users in the group should see. Roles are created within a security group and contain users, permissions and forms; in other words, roles contain users who should see the same forms and have the same permissions.
High-level administrators may have permission to manage more than security group when different security groups are required. Most administrators do not have permissions to more than one security group within a site.