Effective management of user accounts for both new joiners and departing employees is crucial for maintaining security and data integrity within our organisation. The following process outlines the steps to be taken when tracking user accounts during both onboarding and offboarding:

Onboarding Process:

1. User Account Creation Request:
   • The HR department notifies the IT department about a new employee joining the organisation.
   • The HR department provides necessary details, including the employee’s full name, position, department, and start date.
2. Account Creation:
   • The IT department creates a new user account based on the provided details.
   • A strong, unique initial password is generated, and the user is informed to change it upon first login.
3. Access Rights Assignment:
   • IT assigns access rights and permissions based on the employee’s role and responsibilities.
   • Access should follow the principle of least privilege to ensure that employees only have the necessary access for their tasks.
4. Notification and Training:
   • The user is provided with their login credentials and instructions for accessing company systems.
   • IT may offer training or resources for using the organisation’s systems and security best practices.

Offboarding Process:

1. Departure Notification:
   • HR informs IT about an employee who is leaving the organisation.
   • The notification includes the employee’s name, position, last working day, and reason for departure.
2. Account Review:
   • IT reviews the departing employee’s accounts and access rights across all systems and applications.
   • All accounts and associated access rights are documented for further action.
3. Access Revocation:
   • IT promptly revokes the departing employee’s access to all company systems and applications.
   • This step is crucial to prevent unauthorised access post-employment.
4. Data Backup and Archival:
   • Any important data owned by the departing employee is backed up and archived as needed.
   • This ensures business continuity and regulatory compliance.
5. Account Deactivation:
   • The user accounts are deactivated or disabled to prevent any accidental or unauthorised access.
   • This includes email accounts, network logins, and other systems.
6. Hardware and Device Collection:
   • IT coordinates with the employee’s department to collect any company-owned devices, such as laptops, smartphones, and access cards.
7. Data Transfer or Handover:
   • Depending on the situation, IT may transfer ownership of certain data or files to relevant team members.
   • Proper documentation ensures a smooth transition of responsibilities.
8. Final Clearance:
   • HR confirms with IT that all necessary account deactivations and data transfers have been completed before the employee’s departure is finalised.

By following this comprehensive process, we ensure that user accounts are created, maintained, and terminated in a secure and organised manner, reducing the risk of data breaches and maintaining the integrity of our systems and information. This process is subject to periodic review and updates to align with evolving security practices and organisational needs.