Working groups, 2 different approaches

I am building a working group module for a CRM. The goal of the module is allowing user to share anything under a specific domain.

With working group module users can create:

A sales team
A project team
An organization (e.g. people who run a specific campaign)
A contract team (imagine that you must prepare a proposal for your client in a certain time and you create a temporary team for this task)
A discussion team (e.g. brainstorming)
Or a department (this is the thing that ruins everything)

Authorization of group:

Can be public
Can be closed
Can be isolated

Relations:

Group module must be adaptable for following modules:

Document management system (Please think about authorized user).
Other modules (leads, branches, email, contacts, etc.) which require authorized user for using them.

I would like to choose one of approaches I indicated below.

Grouping module just like Facebook

No pain for integrations of modules and their authorization. In this case each group has it's own authorization system. But in this case I have to design a different module for departments of business. Thus, the question appears in my mind is why should I separate departments and other teams or organizations. They both seems like similar operations. (Sales(a department), Sales of "ABC product"... I want to allow users to share for "sub-departments" too)
Using CRM in a workspace

Creating departments or teams or organizations initially. Then choosing one of them which logged in user get involved. In this case all other modules (leads, sales, contacts etc.) and a complex authorization system must be integrated well with this workspace logic.

Which one seems good to you? And why?

Tags: an event apart, smashing, speckyboy, UX Interview, ux stack, UX Stack Exchange, UXBooth