Google Workspace – Superadmin Managing Drive Folders and Files

Re your point 2 You are heading in the same direction my company has gone. We have the equivalent of your 'Central System' as a Username, and have created three folders on its Drive - WORK, REFERENCE, EXTERNAL USERS - and shared them with our Sysadmin. Sysadmin shared WORK with Users on an Edit basis and our users built a sub-folder structure for our company to hold all our working files. Sysadmin shared REFERENCE with most Users on Read basis but with some Users granted Edit rights so they could create and maintain the folder/file structure for policy documents, manuals etc.

WORK is shared Edit and REFERENCE is shared Read to new starters as part of the User setup process and new Users immediately acquire inherited rights to all the contents of these folders.

Leavers, we change the User password immediately, use administration advanced tools to transfer ownership to their manager/colleague for any files/folders they may have created and then unshare them from WORK and REFERENCE.

We have not made WORK or REFERENCE to be the Owner of the sub-folders and documents which they contain because it would require that only someone logged into Central System would be able to delete them. We simply use our own version of Central System to provide a unified data structure for our Users. The Users each retain the 5gb of non-Gdocs storage space which is shared with other Users through WORK and REFERENCE.

We collaborate with external organisations and use EXTERNAL USERS as a portal. For example, our Auditors want access to our some of the data on our system. We created a sub-folder AUDITACCESS in the EXTERNAL ACCESS folder and granted our auditors' gmail accounts Read access to AUDITACCESS. We then use the Organise function to give them a View towards the files and folders which they need to access (but remember to hold the CTRL key down when you use the Organise function). This allows us to un-Organise files and folders, if necessary, since they are all listed in the AUDITACCESS folder and to un-share AUDITACCESS with our auditors email accounts, if necessary.

Hope this will give you a few ideas for organising your own system.

If you own the documents and share it with others, there is no way they will be actually able to delete the files. At the Max they will be able to remove it from their sight.