A company has multiple independent business units, each with its own engineering team. You need to achieve visibility into all Google Cloud projects across the company and organize these projects according to the business units. Additionally, each business unit requires distinct IAM permissions.

What is the recommended strategy to meet these requirements?