Your company has recently started using Google Cloud Platform (GCP) for a pilot project involving several developers and testers. The project contains sensitive data, and access needs to be restricted to certain team members. What is the most efficient way to assign Identity and Access Management (IAM) roles to ensure minimal maintenance?