Can I limit access within an organization depending on role or department?

The best way to do this is to create separate AskAIs per role or department and only then share (or give access to) the relevant AskAIs with those people.