Unfortunately, every organization has their fair share of terminations. The separation could be a retirement, or it could be an employee that just didn’t work out. Either way, it is important that steps are taken to ensure any employee, or even volunteer, that is terminated has their access to all systems and facilities removed.
One of the most important parts of this process is defining a time-frame for promptly disabling access after a staff member has been terminated. This time-frame is specific to the organization but removing access as close to the final day of employment as possible will minimize risk. If the employee being terminated was responsible for managing a system, you’ll want to make sure the organization maintains access to those systems and information.
Conducting an exit interview is also important to the termination process. This exit interview can be used to collect company owned property like keys, badges, and mobile devices. In order to collect all of the company owned property you will need to reference a checklist or tracker for what the employee has been given. Many departments may be involved in gathering an accurate list of items to collect. For example, IT may have a list of mobile devices issued and the Security Department may have a list of keys and badges issued. If HR is conducting the exit interview, they will need to contact the appropriate people for an accurate list of issued property to ensure it is all collected. The confidentiality agreements and other security topics should be reviewed with the terminated employee during the exit interview, as well.
When someone is terminated the appropriate staff members should be notified in a timely manner. Security may need to be notified to escort them out of the facility, as well as co-workers in case that the terminated person attempts to access information and systems.
Lastly, all policies and procedures around terminations, disabling access, exit interviews and collecting organizational property should be formally defined and documented. These policies and procedures should be reviewed on an annual basis with any needed changes made.