Employee Onboarding & Offboarding Policy
Effective Date: 01 Jan 2024
Applies To: All full-time, part-time, contractual, remote, and intern employees
Departments Responsible: Human Resources (HR), Information Technology (IT), Administration
1. Purpose
This policy establishes a structured framework for managing the lifecycle of employee access, equipment, and responsibilities from the time of hiring to departure. It ensures:
- Secure allocation and revocation of system access
- Protection of company assets and data
- Smooth integration of new employees
- Proper knowledge transfer and data protection during exits
2. Objectives
- Ensure new hires are onboarded efficiently with the necessary tools, training, and access
- Securely deprovision systems and retrieve assets when an employee leaves
- Maintain operational continuity and security compliance
- Document all asset and access transactions for auditing and accountability
3. Scope
This policy applies to:
- All employees (permanent, temporary, contractual, remote)
- Interns and trainees
- Freelancers/consultants with system or office access
4. Onboarding Policy
a. Pre-Onboarding Activities
- HR must notify IT and Admin at least 7 working days prior to the new employee’s joining date.
- The hiring manager submits an Onboarding Request Form specifying:
- Role and department
- Required tools, software, and access levels
- Type of device and office setup
IT Department Responsibilities:
- Create user accounts (email, internal platforms, project tools)
- Assign software licenses and storage space as per role
- Setup and configure devices (laptop/desktop) with standard security protocols
- Maintain records in the Asset Management System
Admin Responsibilities:
- Prepare workstations (in-office) or ship equipment to remote employees
- Generate and issue access cards, ID badges, and office keys (if applicable)
b. First Day Orientation
- HR conducts a detailed employee induction session, covering:
- Company culture and policies
- Code of conduct and ethics
- IT and Cybersecurity policies
- Acceptable Use of Assets and Internet Policy
- Employees must sign the following forms:
- NDA (Non-Disclosure Agreement)
- IT Policy Acknowledgment
- Asset Handover Form
c. System Access and Permissions
- All access must follow Role-Based Access Control (RBAC) principles
- Unique login credentials must be issued and documented securely
- MFA (Multi-Factor Authentication) is mandatory for sensitive tools or cloud access
- Temporary employees are given time-limited credentials with auto-expiry
d. Probation Period Monitoring
- During probation, the manager and HR evaluate:
- Work quality, punctuality, and compliance
- Safe and appropriate use of systems and equipment
- Any misconduct or misuse is reported and addressed immediately
5. Offboarding Policy
a. Triggering Offboarding
- HR must initiate the offboarding process:
- Upon receiving resignation, termination, or contract end
- For long-term leave, project completion, or internal transfers
- A Notice of Separation is sent to IT, Admin, and the reporting manager
b. Access Deactivation
IT Department Must:
- Revoke all digital access within 30 minutes to 2 hours of separation notice:
- Email, VPN, internal portals, CRM, DevOps tools, cloud storage
- Communication apps (Slack, Microsoft Teams, etc.)
- GitHub, Jira, Bitbucket, etc. (as applicable)
- Remove user from group lists, mailing lists, and team channels
- Archive or transfer critical data to the reporting manager or designated user
c. Asset Return and Clearance
Employee Must Return:
- All hardware: laptop, charger, monitor, mobile device, accessories
- Access cards, security tokens, dongles, ID badge
- Any remote work equipment (headset, chair, etc.)
Admin Responsibilities:
- Verify and inspect asset condition
- Log details in the Asset Return Form
- Share final asset clearance confirmation with HR and IT
d. Data Handover
- Employee must transfer all relevant work files, documentation, and credentials
- Unfinished projects or pending tasks must be delegated as per manager's instructions
- Personal data on company devices must be removed (after IT approval)
e. Exit Interview and Final Steps
HR Will:
- Conduct an exit interview to capture feedback and address concerns
- Ensure clearance from Admin, IT, Finance, and Manager
- Submit the Final Clearance Checklist to initiate full and final settlement
6. Exceptions and Special Cases
- In case of immediate termination, access is disabled immediately, and device retrieval is prioritized.
- For employees under legal investigation, devices may be retained for forensic review.
- Remote employees must ship assets within 3 working days post-separation, using the company's preferred courier.
7. Documentation and Audit
All onboarding and offboarding steps must be documented, signed, and stored for compliance and audit purposes, including:
- Onboarding Checklist
- Asset Handover/Return Forms
- IT Access Logs
- Exit Clearance Form
- Exit Interview Notes
8. Compliance and Violations
Non-compliance with onboarding/offboarding steps may result in:
- Delays in system provisioning or salary payments
- Loss of data or operational disruption
- Disciplinary actions for managers or employees
- Legal action for unreturned equipment or unauthorized data access
9. Policy Review
This policy will be reviewed annually by the HR and IT departments, or earlier in case of:
- Changes in law or regulatory compliance
- Introduction of new technology or security protocols
- Business expansion or reorganization