Security Group Audit

I have been tasked with simplifying the number of Security Groups with Content Manager.  Does anyone have any hints and tips for auditing what we have now.  I want to know what security groups are used in what folders, what groups are not used at all etc etc.