Resources
← Back to all resources
Checklist

Employee Offboarding Checklist

Ensure clean employee exits — revoke access, collect hardware, transfer data, and update asset registry.

Before the Last Working Day (1-2 Weeks Before)

  • HR notifies IT of the employee's last working day via a helpdesk offboarding ticket.
  • IT prepares the offboarding checklist based on the employee's access matrix.
  • Identify data that needs to be transferred — emails, files, project ownership.
  • Schedule a handover meeting between the departing employee and their manager.
  • Notify the employee about IT asset return procedures.

Last Working Day — Revoke Access

  • Disable the employee's directory/identity account (Google/Azure AD). This deactivates email, SSO, and all linked services.
  • Revoke access to all third-party tools: CRM, HRMS, project management, design tools, code repositories.
  • Remove the employee from all distribution lists, Slack channels, and team groups.
  • Reset API keys, personal access tokens, and service account passwords that the employee had access to.
  • Remove the employee from VPN access, Wi-Fi whitelist, and physical access cards.
  • Revoke any shared mailbox or calendar delegation permissions.

Last Working Day — Asset Collection

  • Collect all IT assets: laptop, charger, monitor, keyboard, mouse, headset, docking station.
  • Collect access cards, security tokens, and any company-owned mobile devices.
  • Inspect returned hardware for damage and note condition in asset registry.
  • Perform data sanitisation on collected devices — wipe storage using certified methods.
  • Update asset registry: status to 'Returned', mark for reassignment or disposal.

Last Working Day — Data Transfer

  • Forward emails to manager or successor (if required). Set up auto-reply with replacement contact.
  • Transfer file ownership from the employee's personal drive to manager or shared drive.
  • Transfer project ownership in project management tools.
  • Export any critical data needed for ongoing work. Archive the rest.
  • Document all transfer actions in the offboarding ticket for audit trail.

Post-Offboarding (30 Days After)

  • Confirm all access has been revoked and no dormant sessions remain active.
  • Archive the employee's email mailbox (do not delete for 90 days for compliance).
  • Run a security scan to detect any lingering access or forgotten service accounts.
  • Close the offboarding ticket with a summary of all actions taken.
  • Schedule a process review with HR to identify improvements for future offboardings.

Put this into practice with workro desk.

Create your workspaceMore free resources