Yes, but, limiting a capable Tier Two from doing a "fix" merely because they are a Tier Two, but, otherwise capable is ludicrous, too.

Example, I a power user, have an issue with a security related app, it's not working. A Tier Two has Registry Access rights, but, has niether authority nor Install Source Access to fix the bug,

That has to go to a Tier Three... Or higher?

It's not always a pay issue... IT comes back to IT Security Paranoia needlessly segregating functionality because of a lack of trust.

If you can't trust your people get rid of them!

A few you can trust, at a higher pay level, is worth dozens you can't at any pay level!