Employee termination policy
Whether due to resignation, layoff, or firing, separating employees from the business is never a pleasant process. Even so, it’s critical to follow a systematic procedure to ensure that all necessary measures are taken. This policy provides guidelines for disabling former employee access, reclaiming company equipment, and finalizing payroll/benefits details. It complements our Employee termination checklist, which should be filled out by involved individuals/departments and can be printed or used in electronic format shared with appropriate personnel.
From the policy:
Access and assets should be the underlying theme of the termination process:
- Access refers to accounts, systems, devices, and any other elements that the employee used to do their job, often via an account they had to sign in with, whether individual or shared.
- Assets refer to digital or physical property belonging to the organization (data as well as devices) and employee entitlements such as payroll, benefits, and vacation time.
To complete all termination steps, disabling, removing, or reassigning access goes along with ensuring that assets end up in the appropriate hands. These should both be managed as quickly as possible, especially if the termination is on an involuntary basis.
You should think of how to disable access beginning from the inside and working your way out. Internal accounts should be sealed off followed by external/remote access, then external sites. Take special consideration when working with terminated IT staff; they often have the proverbial “keys to the kingdom,” all of which must be changed accordingly—a process sure to be complicated and that can place a significant workload upon existing staff. For this reason, it makes sense to limit these so-called keys beforehand based on “least accessed needed” principles.