Checklist: A Guide to the Best Offboarding Practices for Busy IT Teams

Often times, offboarding is thought of as a fairly simple operation outside IT. However, this is an outdated view, particularly in the modern era of SaaS software proliferation. It has gotten more complex as employee use of tools, particularly those outside the control of IT, has grown. Offboarding in this new reality, and done right, can have a large impact on how your IT team contributes to overall organizational success. With the tools necessary to help a business be more profitable and more secure, IT has the potential to become a real partner with HR and other departments in ensuring off-boarding becomes something you are good at vs. something that can weigh your company down unnecessarily.

While human resources managers may focus on employee relations, and positioning the company as best it can upon employees voluntarily and involuntarily leaving, an IT manager is more concerned with technology and its role in business operations. Employee access to company assets is typically managed by IT teams, and is often not thought through as much as legal issues HR departments handle when you go to off-board employees. Part of any employee lifecycle at a company is an employee offboarding process. From an IT perspective, it includes assessing ownership and access to both physical assets and services. On the services side, this includes adjusting or terminating software access in the best possible way.

While an onboarding process and eventual off-boarding are all part of the employee lifecycle, they can be distinctly different. Onboarding is typically more focused on system access authorization, troubleshooting access issues, and applying correct privileges (commonly managed through role-based access control or RBAC). An IT offboarding program, on the other hand, also involves the potential reallocation of licenses, transfer of system or software ownership, and review of both company process and need. The extent of of an IT team's involvement varies from company to company. However, there is an opportunity in this area to become a better business partner and steward of company resources if done right.

Even prior to an exit interview or exit survey of an employee, IT teams should already know how to handle asset and system deprovisioning. This includes having a process in place, clearly defined roles within that process, and mechanisms or systems in place for management. This is all easier said than done. In the modern SaaS environment where IT doesn't control all applications, even things like identifying SaaS product ownership internally can be a challenge. While HR may have things like a company-branded exit portal in place or other automated systems for something like a resignation process, IT teams are often reactive in their approach. The anxiety and rushed nature of IT service management (ITSM) requests in this area don't need to produce the fire drill they often do. IT really comes down thinking through the function and putting well supported processes in place.

Much of the anxiety and hassle that is part of an IT off-boarding process for employees can be avoided. More often than not, a smooth transition becomes elusive because the upfront work around access and process documentation hasn't been done. With good reason, it can be time consuming a require a lot of coordination to get these in a usable state. Successful off-boarding, particularly when it involves software, can be the combination of typical SaaS management and identity access management (IAM) software. However, there is a new breed of identity governance administration (IGA) tools that can help you effectively manage both cost optimization and security risk. Some functionality to consider in a single solution is the identification of licenses by SaaS product, ability to alter access, automated communication and approval workflow, and broader access review functionality to manage risk more holistically. A single solution here can reduce the time and effort you spend on offboarding tasks. It can also help you produce better results and eliminate the anxiety associated with offboarding.

An example of workflow automation for a software provisioning request might include notification by the human resources team of a new employee joining the sales department via project management software. This software often captures the request via a form, which is the trigger for the workflow process to begin. The request is then routed to an IT manager, who inquires of the hiring manager what software and permissions within that software should be provided. The IT manager then often uses pre-determined permission groups for the department to automate the provisioning via an identity access management (IAM) tool with adjustments per the hiring manager's input. The ticket is then closed with notifications and often setup instructions to involved parties that access has been granted. The extent of the digital workflow is often hidden to the source team, in this case, human resources. As you can see, this process involves several systems and people, and while part of this may be robotic process automation, there are still some gaps that are handled manually. Whether it's an efficient workflow that helps improve operations is always up for review.

For IT, workflow automation can has a significant impact, especially when more of those manual bits can be automated. Any workflow automation process has the potential to reduce costs and improve efficiency by allowing teams to focus on higher-value activities instead of repetitive tasks. This is why organizations like Amazon, Google, and Salesforce invest heavily in this type of technology.

Further benefits of using IT workflow automation software that is integrated with your systems include improving new hire productivity and shortening their ramp up time, which helps them provide faster value to the organization. IT teams can also benefit by reducing time spent on lower level tasks like provisioning, which can eat up over 25% of a team's time in SaaS intensive work environments. Applied to de-provisioning or offboarding of employees, workflow automation logic can also reduce risk and potentially avoid lost revenue related to security breaches by addressing privileged access issues.

Every department in modern mid- to enterprise-size businesses can benefit from workflow automation. Here are some examples of workflow automation: Sales departments might use automated workflows to better capture contact information for prospects and communicate with them. A marketing team may use automated workflows to route leads more effectively across several technology platforms to the right team members. For IT, it can dramatically improve the provisioning of SaaS solutions, help address security issues related to privileged access (to company systems and customer data), and also help with access reviews that are part of compliance processes. More advanced workflows could might include vendor reviews or vendor risk assessments. There are so many types of workflow automation in which rule-based logic can eliminate manual workflows prone to human errors and put in place significant process improvements that help an organization thrive.