Your organization has engaged a third-party company to conduct an audit on Google Cloud Platform (GCP) resources. The auditor, provided with a GSuite ID by your organization, requires read-only access to all project items to fulfill their duties. What is the most appropriate way to configure the auditor's permissions?