Employee Offboarding Security Checklist
Use this checklist to ensure every departing team member is properly offboarded from a security and compliance perspective. These steps help reduce the risk of data leakage, support access management, and align with SOC 2 and ISO 27001 controls.
Task | Evidence to Provide | Relevant Policy |
|---|---|---|
Final Day Confirmed | HR Confirmation or Exit Interview Notes | Offboarding Policy |
All System Access Removed | Access Revocation Log, Ticket Confirmation | Access Management Policy |
MFA Revoked or Tokens Disabled | Auth System Logs, User Deletion Confirmation | Authentication Policy |
Company Assets Returned | Signed Return Log or Updated Asset Register | Asset Management Policy |
Email and Chat Accounts Deactivated | Screenshot or IT Ticket Confirmation | Communication Policy |
External Access Revoked (Vendors, Tools) | Vendor Portal Screenshot or Audit Log | Third-Party Management Policy |
Role Removed in HR System | HR System Update or Employee Status Change | Org Structure Policy |
Exit Interview Conducted | Interview Summary or HR Documentation | HR or People Policy |
Final Pay & Benefits Settled | Payroll Record or Termination Form | Hiring or Compensation Policy |
Legal Obligations Reconfirmed | Signed Acknowledgment or Offboarding Packet | Confidentiality Policy |
Offboarding Checklist Completed | Signed Checklist or HR Sign-Off | Offboarding Policy |