Each CIP member organisation will have at least one individual with 'Owner' permissions at the group level.

That individual is responsible for reviewing the other GitLab users from their organisation to ensure permissions are correct.

For people who are are no longer working on the project, our suggestion is to give 'Reporter' permissions, although this is up to the discretion of each 'Owner'.