Implement a set of parameterized AWS CloudFormation templates to standardize IAM permissions across accounts, mandating the deployment of these templates in all new and existing accounts to uphold the principle of least privilege.

Leverage AWS Organizations to form a new organizational structure with a designated payer account, inviting existing accounts to join and creating new ones within the organization to facilitate centralized management and billing.

Maintain individual AWS accounts for each business unit, applying appropriate tags to each account and utilizing Cost Explorer for precise cost tracking and chargeback purposes.

Activate all features of AWS Organizations and define service control policies to regulate IAM permissions for subordinate accounts, ensuring consistent security policies across the organization.

Merge all company AWS accounts into a single account, utilizing tagging for billing clarity and employing IAM’s Access Advisor feature to enforce a least privilege access model.