Before setting up Identity and Access Management (IAM) for your Google Cloud organization, you should understand how IAM fits in to your organization's security architecture as a whole.
You can find guidance for architecting and operating secure services in the Cloud Architecture Center. Specifically consider the following documents:
Google Cloud Architecture Framework: Security, privacy, and compliance: A central page describing Google's core security principles and links to additional resources. These additional resources help you architect your Google Cloud deployment to meet security best practices, as well as your business needs.
Manage identity and access: A document describing best practices for setting up and managing IAM on Google Cloud.