Owner: CISO, with CHRO
Effective Date: May 8, 2026
Reviewed: Annually
Frameworks: SOC 2 CC6.1–CC6.3 (timely access removal); ISO/IEC 27001 A.5.11 (return of assets) and A.6.5 (post-termination responsibilities). Implements the Access Control Policy and Human Resources Security Policy.
Effective Date: May 8, 2026
Reviewed: Annually
Frameworks: SOC 2 CC6.1–CC6.3 (timely access removal); ISO/IEC 27001 A.5.11 (return of assets) and A.6.5 (post-termination responsibilities). Implements the Access Control Policy and Human Resources Security Policy.
SLAs
Access-termination SLAs match the tiered matrix in the Access Control Policy → Removal & adjustment. Where this procedure and the policy ever appear to disagree, the policy controls.| Separation scenario | Access termination SLA |
|---|---|
| Involuntary separation, security incident, or “for cause” termination | Within 1 hour of HR / Legal / CEO signal; CISO may suspend access immediately on credible threat indicator |
| Voluntary departure with notice | By end of last business day (synchronous with the Rippling offboarding workflow) |
| Role change reducing privileges, or access no longer needed | Same business day the change is identified |
- Device return — within 5 business days for remote employees (return shipping label provided); same-day for in-office staff.
Trigger
CHRO initiates offboarding via the Offboarding intake form — which files into the CHRO offboarding workflow in Linear — as soon as the separation date is confirmed. For involuntary or sensitive terminations, CHRO coordinates with IT and Security in advance, before submitting the form.Checklist (IT / Security)
- Disable user in IdP (Rippling).
- Revoke active sessions / refresh tokens across SaaS apps.
- Remove from all group memberships.
- Revoke production / privileged access.
- Rotate any shared secrets the user had access to.
- Suspend / forward email per CHRO instruction.
- Initiate device collection (or remote wipe + reprovision).
- Run user-access deprovisioning report; file evidence.
Checklist (CHRO)
- Confirm any post-termination security/confidentiality obligations (NDA, IP assignment) are communicated in writing.
- Update HRIS to “terminated” — triggers downstream deprovisioning.
- Recover office keys and any physical access credentials (in-office staff); flag unreturned keys to Security for re-keying.
- Final paycheck / equity / benefits processing per the CHRO runbook in SharePoint (CHRO folder).
Devices
- Collected devices are wiped (cryptographically erased and reset) and reprovisioned for the next user. Devices that fail wipe verification, or that are end-of-life, are routed to certified destruction per Records Disposal & Certificates of Destruction.
- Device images may be retained at the discretion of management for business purposes.
- For damaged devices that cannot be wiped, an e-waste service with data-destruction certificate is used. COD retained for 1 year.
Records
Offboarding evidence (deprovisioning ticket, signed return form, COD if applicable) is retained for at least 1 year.Version history
| Version | Date | Description | Author | Approved by |
|---|---|---|---|---|
| 1.0 | May 8, 2026 | Initial version | Cameron Wolfe | Ishan Jadhwani |