Yes, you have to create a custom group. You can select all the security policies (I stick to 500 at a time) and add the Security Group, and/or Logging Profile, HIP, QoS, Schedules, etc...
For example, here is one I use called "Alert_Only_Sec_Profile_Group", which groups 4 other profiles (Snippets) together.
***************profile-group******************* <entry name="Alert_Only_Sec_Profile_Group"> <virus> <member>Anitvirus_Alert_Only_Profile</member> </virus> <spyware> <member>Anti-Spyware_Alert_Only_Profile</member> </spyware> <vulnerability> <member>Vulnerability_AlertOnly_Profile</member> </vulnerability> <wildfire-analysis> <member>Alert_Only_WildFire_Profile</member> </wildfire-analysis> </entry>
... View more