one of the documented procedures in this installation of the ACS
im_verify_user_is_admin   conn   args   why
What it does:
Returns 1 if a the user is either a site-wide administrator or in the Intranet administration group
Defined in: /web/philip/tcl/intranet-defs.tcl

Source code:

    set user_id [ad_verify_and_get_user_id]
    if { $user_id == 0 } {
	# Not logged in
	ad_returnredirect "/register/index?return_url=[ns_urlencode [ns_conn url]?[ns_conn query]]"
	return filter_return
    set db [ns_db gethandle]
    set val [im_is_user_site_wide_or_intranet_admin $db $user_id]
    ns_db releasehandle $db 
    if { $val > 0 } {
	return filter_ok
    } else {
	ad_return_error "Access denied" "You must be an administrator of [ad_parameter SystemName] to see this page"
	return filter_return