Remediation

From Google Admin Console and Google Cloud Console

1. Create separate regular user accounts for Google Cloud administration.
2. Grant those accounts only the Google Cloud IAM roles required for their responsibilities.
3. Review IAM bindings at the organization, folder, and project levels.
4. Remove Super Admin accounts from Google Cloud IAM bindings.
5. Confirm that Super Admin accounts remain reserved for Google Workspace or Cloud Identity administration.