Your multinational organization is undergoing rapid expansion within Google Cloud. New teams and projects are added frequently. You are concerned about the potential for inconsistent security policy application and permission sprawl across the organization. You must enforce consistent standards while maintaining the autonomy of regional teams. You need to design a strategy to effectively manage IAM and organization policies at scale, ensuring security and administrative efficiency. What should you do?
A. Create detailed organization-wide policies for common scenarios. Instruct teams to apply the policies carefully at the project and resource level as needed.
B. Delegate the creation of organization policies to regional teams. Centrally review these policies for compliance before deployment.
C. Define a small set of essential organization policies. Supplement these policies with a library of optional policy templates for teams to leverage as needed.
D. Use a hierarchical structure of folders. Implement template-based organization policies that cascade down, allowing limited customization by regional teams.
Answer
D