Your company has a Google Cloud project that leverages BigQuery for data warehousing, storing a large volume of data including personally identifiable information (PII) in some tables. According to internal policies and compliance requirements, only the compliance team is permitted to access the PII, while the data science team needs access to non-PII data from the same tables. You are responsible for ensuring that access controls are implemented in a cost-effective and efficient manner. What should you do to ensure that the compliance team has exclusive access to PII and the data science team has access to non-PII data, while minimizing cost and the time required to assign appropriate access?