There is an example of controlling user permissions through the workflow in the Administrator Guide, Chapter 27, ''Example: Controlling User Permissions''.

You need to determine the Type of the Requirement. Are you familiar with getting information about an entity by customizing a workflow?

You need to figure out how to identify the group the user belongs to. Refer to the Administrator Guide, Chapter 27, ''Example: Changing a Field Based on the User Group''.

You need to figure out what workflows are being triggered when you ''move'' a requirement. Refer to the Administrator Guide, Chapter 26, ''Action Object''. This will show you how to display the names of actions. Then try moving a requirement and seeing what displays. That will help you figure out which workflows you need to customize to prevent the action.