User group will be not used in AX2012 for security management
A user should be mapped to one or more roles with privileges, permissions, sub-roles& process cycle. Then he has permissions.
One or more duties consist of a role
One or more privileges consist of a duty
Record level security still exist in AX2012 but it will quit in the new version. Its function can be replaced by security policies functionality