Employee Onboarding & Offboarding Policy


Effective Date: 01 Jan 2024
Applies To: All full-time, part-time, contractual, remote, and intern employees
Departments Responsible: Human Resources (HR), Information Technology (IT), Administration

1. Purpose

This policy establishes a structured framework for managing the lifecycle of employee access, equipment, and responsibilities from the time of hiring to departure. It ensures:

  • Secure allocation and revocation of system access
  • Protection of company assets and data
  • Smooth integration of new employees
  • Proper knowledge transfer and data protection during exits

2. Objectives

  • Ensure new hires are onboarded efficiently with the necessary tools, training, and access
  • Securely deprovision systems and retrieve assets when an employee leaves
  • Maintain operational continuity and security compliance
  • Document all asset and access transactions for auditing and accountability

3. Scope

This policy applies to:

  • All employees (permanent, temporary, contractual, remote)
  • Interns and trainees
  • Freelancers/consultants with system or office access

4. Onboarding Policy

a. Pre-Onboarding Activities

  • HR must notify IT and Admin at least 7 working days prior to the new employee’s joining date.
  • The hiring manager submits an Onboarding Request Form specifying:
    • Role and department
    • Required tools, software, and access levels
    • Type of device and office setup

IT Department Responsibilities:

  • Create user accounts (email, internal platforms, project tools)
  • Assign software licenses and storage space as per role
  • Setup and configure devices (laptop/desktop) with standard security protocols
  • Maintain records in the Asset Management System

Admin Responsibilities:

  • Prepare workstations (in-office) or ship equipment to remote employees
  • Generate and issue access cards, ID badges, and office keys (if applicable)

b. First Day Orientation

  • HR conducts a detailed employee induction session, covering:
    • Company culture and policies
    • Code of conduct and ethics
    • IT and Cybersecurity policies
    • Acceptable Use of Assets and Internet Policy
  • Employees must sign the following forms:
    • NDA (Non-Disclosure Agreement)
    • IT Policy Acknowledgment
    • Asset Handover Form

c. System Access and Permissions

  • All access must follow Role-Based Access Control (RBAC) principles
  • Unique login credentials must be issued and documented securely
  • MFA (Multi-Factor Authentication) is mandatory for sensitive tools or cloud access
  • Temporary employees are given time-limited credentials with auto-expiry

d. Probation Period Monitoring

  • During probation, the manager and HR evaluate:
    • Work quality, punctuality, and compliance
    • Safe and appropriate use of systems and equipment
  • Any misconduct or misuse is reported and addressed immediately

5. Offboarding Policy

a. Triggering Offboarding

  • HR must initiate the offboarding process:
    • Upon receiving resignation, termination, or contract end
    • For long-term leave, project completion, or internal transfers
  • A Notice of Separation is sent to IT, Admin, and the reporting manager

b. Access Deactivation

IT Department Must:

  • Revoke all digital access within 30 minutes to 2 hours of separation notice:
    • Email, VPN, internal portals, CRM, DevOps tools, cloud storage
    • Communication apps (Slack, Microsoft Teams, etc.)
    • GitHub, Jira, Bitbucket, etc. (as applicable)
  • Remove user from group lists, mailing lists, and team channels
  • Archive or transfer critical data to the reporting manager or designated user

c. Asset Return and Clearance

Employee Must Return:

  • All hardware: laptop, charger, monitor, mobile device, accessories
  • Access cards, security tokens, dongles, ID badge
  • Any remote work equipment (headset, chair, etc.)

Admin Responsibilities:

  • Verify and inspect asset condition
  • Log details in the Asset Return Form
  • Share final asset clearance confirmation with HR and IT

d. Data Handover

  • Employee must transfer all relevant work files, documentation, and credentials
  • Unfinished projects or pending tasks must be delegated as per manager's instructions
  • Personal data on company devices must be removed (after IT approval)

e. Exit Interview and Final Steps

HR Will:

  • Conduct an exit interview to capture feedback and address concerns
  • Ensure clearance from Admin, IT, Finance, and Manager
  • Submit the Final Clearance Checklist to initiate full and final settlement

6. Exceptions and Special Cases

  • In case of immediate termination, access is disabled immediately, and device retrieval is prioritized.
  • For employees under legal investigation, devices may be retained for forensic review.
  • Remote employees must ship assets within 3 working days post-separation, using the company's preferred courier.

7. Documentation and Audit

All onboarding and offboarding steps must be documented, signed, and stored for compliance and audit purposes, including:

  • Onboarding Checklist
  • Asset Handover/Return Forms
  • IT Access Logs
  • Exit Clearance Form
  • Exit Interview Notes

8. Compliance and Violations

Non-compliance with onboarding/offboarding steps may result in:

  • Delays in system provisioning or salary payments
  • Loss of data or operational disruption
  • Disciplinary actions for managers or employees
  • Legal action for unreturned equipment or unauthorized data access

9. Policy Review

This policy will be reviewed annually by the HR and IT departments, or earlier in case of:

  • Changes in law or regulatory compliance
  • Introduction of new technology or security protocols
  • Business expansion or reorganization