There should be different levels of permissions for accessing the Admin Console, some permissions should allow you to access features such as attribute assigning & maintaining, MRD numbers, and such less risky features, and others should allow access to high risk things like channel management etc.
Later on these permissions will also have to be team specific, where one manager cannot make changes to another managers team members, but only to their own team