As your organization expands its usage of Google Cloud Platform (GCP), various teams have begun to create their own projects. These projects are further subdivided to cater to different deployment stages and target audiences. Each project necessitates distinct access control configurations. The central IT team is required to have access to all projects. Additionally, data from Cloud Storage buckets and BigQuery datasets must be shared across projects on an ad hoc basis. To simplify access control management and minimize the number of policies, which two steps should you take? (Choose two.)