Workflow Profile Hierarchies: Security Model | Application Security Roles v Workflow Security

Please share your practical advice to secure Workflow Profile Hierarchies per the two requirements below. Thank you.

A. Workflow Profile Hierarchies: Admin v Builder/Business
0. 'Cube Root Workflow Profiles' | Admin and Business | Top Level Cube_suffix
1. 'Default/Child Workflow Profile Types' | Admin/Business 'Cube Root Workflow Profiles'
2. Admin 'Parent/Child Workflow Profile Types' | Admin/Business 'Cube Root Workflow Profiles'
3. Business 'Parent/Child Workflow Profile Types' | Business 'Cube Root Workflow Profiles

B. Two Workflow Requirements: Admin v Builder/Business
1. Builder not allowed to see/create/edit:
- Admin 'Cube Root Workflow Profiles'
- 'Default/Child' and Admin 'Parent/Child Workflow Profile Types' | Admin 'Cube Root Workflow Profiles'
- 'Default/Child Workflow Profile Types' | Business 'Cube Root Workflow Profiles'
- Admin 'Parent/Child Workflow Profile Types' | Business 'Cube Root Workflow Profiles'
2. Admin/Builder allowed to see/create/edit:
- Business 'Cube Root Workflow Profiles'
-- Business 'Parent Workflow Profile Types': Review, Base Input, Parent Input
-- Business 'Child Workflow Profile Types': Import, Forms, Journals

C. Security Model: Application Security Roles + Workflow Security | Admin v Builder/Business
0. Security Groups: 'Admin Roles and Builder Roles' and Child Groups = 'Admin Roles' + 'Builder Roles'
1. Application Security Roles | Manage Workflow Profiles = 'Admin Roles and Builder Roles'
2. Workflow Security = 'Admin Roles' = Admin/Business 'Default Workflow Profile Types'
3.1. Workflow Security = 'Admin Roles' = Admin 'Cube Root Workflow Profiles'
3.2. Workflow Security = 'Admin Roles' = Admin 'Parent Workflow Profile Types'
4.1. Workflow Security = 'Builder Roles' = Business 'Cube Root Workflow Profiles'
4.2 Workflow Security = 'Builder Roles' = Business 'Parent Workflow Profile Types'

D. Security Model Results: Admin v Builder/Business
- 1 + 2 + 3 + 4 = Workflow Requirement 1 = Fail
- 1 + 2 + 3 + 4 = Workflow Requirement 2 = Succeed

Thank you, SMEs.