As Brian said, you will have to CHECK the boxes "Manage Policies" and "Do not allow editing of shared policies.
However, the permission level that you set under "Manage Groups" will allow the Administrator to do the following.
Full access:
Cannot edit shared policies that are in the group.
Can convert the shared policies in the group to Non-Shared policies.
Can edit already existing Non-Shared policies in the group.
Can delete clients in the group.
Read only access:
Can view the policies in the group.
Cannot edit policies in the group (both Shared and Non-Shared).
Cannot delete clients in the group.