https://www.shieldq.com/en-gb/Google-apps-content-compliance

* Access Admin Console: Log into your Google Workspace Admin Console.
* Navigate to Reports: Go to the Reports section within the Admin Console.
* OAuth Token Audit Log: Access the OAuth Token Audit Activity logs. This log provides detailed information about third-party applications that have been granted access to your Google Workspace data.
* Review Data Access: Review the logs to see which applications have accessed what type of data. This includes details on the scopes of access requested by the applications.
* Generate Report: Create a report from these logs to provide granular insight into the data accessed by third-party applications. This report can be used to assess and mitigate any potential risks.
References
* Google Support: Token audit log

* Create External Accounts: In the Google Admin console, create new Google Workspace accounts for the external regulatory authority members.
* Assign Vault Privileges: Navigate to the Admin roles and assign the necessary Google Vault privileges to these accounts, ensuring they have the access needed to view reports and data for the investigation.
* Configure Security Settings: Ensure that the external users have secure access, potentially with additional security measures such as two-factor authentication.
* Monitor Access: Regularly audit and monitor the activity of the external users to ensure compliance with your organization's data policies and security requirements.
* Revoke Access When Done: Once the investigation is complete, promptly revoke access to ensure continued security of your data.
References:
* Google Vault Help - Assign Vault Privileges
* Google Workspace Admin Help - Add Users

Create a Google Group:
Go to the Google Groups interface.
Click on "Create Group."
Enter the group name, email address (e.g., [email protected]), and description.
Configure Group Settings:
After creating the group, go to "Group settings."
Under "Permissions," set who can view topics, post, and join the group as per your requirement.
Set Up Collaborative Inbox:
In the Group settings, navigate to "Settings" > "Email options."
Check the box for "Enable Collaborative Inbox."
This option allows group members to assign topics, mark them as resolved, and categorize posts for better management.
Assign Roles and Permissions:
Define roles for members (e.g., Manager, Member).
Assign permissions to allow various levels of access, such as viewing and managing conversations.
Add Members:
Add the employees who need access to this group.
Go to "Manage members" and click "Add members."
Reference:
Google Groups Collaborative Inbox
Create and Configure Google Groups