A 4-year-old media company is using the AWS Organizations all features feature set to organize its AWS accounts. According to the company's finance team, the billing information on the member accounts must not be accessible to anyone, including the root user of the member accounts. Which solution will meet these requirements?
AAdd all finance team users to an IAM group. Attach an AWS managed policy named Billing to the group.
BAttach an identity-based policy to deny access to the billing information to all users, including the root user.
CCreate a service control policy (SCP) to deny access to the billing information. Attach the SCP to the root organizational unit (OU).
DConvert from the Organizations all features feature set to the Organizations consolidated billing feature set.