Currently the 'administer group' global permission manages access to global OG configuration and give also the all the permissions inside all the groups.
I suggest to split this permission in two others :
- administer organic groups : to access OG global settings
- bypass all organic groups permissions : to be granted of all groups permissions
What do you think about it ?