I am trying to find out some recommendations on how a company should manage apple development program's development and distribution certificates specially so that code signing is performed by the appropriate business unit and more specifically by the appropriate employee to protect the company's reputation, and for that it is important that I find some information about how the big guys do it i.e. Microsoft, Google, ... I realize that is not something they would advertise, but there's gotta' be a way to find that information. I would appreciate it if you know where this information could be.
How do big companies manage their distribution certificates
Can't speak directly to this, but both the large and small companies I have worked at have struggled with the way enterprise certs work since you are only allowed essentially 1 cert at a time (with the 2nd cert allowing for overlap to avoid any downtime). This has caused common scenarios where multiple teams or business units are trying to ship apps to result in either a shared machine that needs to build all apps across the teams, or sharing of private keys.
There is now the cloud cert process, but it's very unclear from the docs on how to build apps in this way.