Permissions in SharePoint are messy. I'm just throwing that out there. No one can or should deny it. They are a messy, ugly, horrible beast. Permissions are also mandatory and an extremely important part of your site. Working on the Habanero Service Desk for the last two years, I've noticed that one of the main problems that we come across regarding permissions is in relation to SharePoint groups and the group owners.
You see, when you create a new SharePoint Permission Group, as the creator, by default you become the owner of the group.
This can be a problem in two accounts. Let's say that this is an owner's group -- one that will hold all users with full control privileges. The trouble is, by using the default settings, you are the only one who can modify the members or settings of this group. What happens if you move on and your account is disabled? This leaves no one with the ability to see or modify the group permissions.
So what is the solution? Well, we have two solutions to this problem without resulting to a System Admin account. I'd recommend using both options combined for best results.
After creating the group, you can assign itself as the group owner. This will make any member of the group simultaneous owners of the group as well.
The trouble with this, is you have to create the group first, and then go back and assign the permissions.
Under the option of ”Who can edit the membership of the group,“ choose “Group Members.” This will provide the same functionality as the solution above, but can be done prior to the initial creation of the group.
By performing either of these two options, you not only are future proofing, you are also providing your owners with the abilities to make those permissions changes that they may so desire.
This now all comes down to ensuring the right people have been made group owners.