Skip to end of banner
Go to start of banner

Vertic Employee Off boarding Process

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

« Previous Version 3 Current »

This page outlines Vertic’s Account Deactivation and Applications Access Removal Process. By following this process, we can ensure that all systems and applications access is securely removed for departing employees, reducing the risk of unauthorised access and potential security breaches.

Preparation

  • Create an Access Inventory:

    • Compile a list of all systems, applications, and services the employee has access to

    • Identify any personal or shared accounts the employee might have used

Communication and Coordination

  • Notify IT Department:

    • Provide IT with account and systems for deactivation

  • Notify Accountants:

    • Notify accountants to update the employee's last working day for the pay cycle

    • Disable employee access to Xero

  • Set Timing:

    • Coordinate the exact time for deactivation to align with the end of the employee's last working day

Deactivation Actions on Last Working Day

  • Network and Email Access:

    • Network Access: Disable Google Apps access via Google Admin console. This will fully disable all access to the following:

      • Email

      • All File Access (via Google Drive)

      • All Google App Access (Docs, Sheets, Slides, Calendar)

    • Email Account: Set up forwarding or auto-reply if needed

  • BitWarden Password Manager:

    • Remove access to BitWarden

  • Corporate Applications:

    • Finance Systems: Revoke access to Xero Employee Portal

    • Salesforce: Disable access to Vertic Salesforce instance (if exists)

  • Communication Tools:

    • Slack: Deactivate Slack user account

    • JIRA: Remove access to project management tool JIRA

  • Developer and Technical Tools:

    • Version Control: Revoke access to GitHub code repositories

    • CI/CD Pipelines: Remove access to Copado continuous integration/continuous deployment tool

  • Asset Register:

    • Update the Vertic Asset Register to reflect changes

Post-Termination Verification

  • Audit and Verification:

    • Cross-check: Verify that all accounts and accesses listed in the inventory have been deactivated.

    • Check Logs: Review system logs to ensure no unauthorised access attempts.

  • Account Closure:

    • Close Accounts: Fully close and archive accounts where applicable to prevent future access.

  • Reallocation:

    • Reassign Ownership: Transfer ownership of any documents, files, or projects to other team members

      • This is completed via the Google Admin console

Detailed Deactivation Checklist

Please complete the relevant steps below:

Network and Email

  • Disable Google Account via Google Admin Console
  • Set up email forwarding/auto-reply (if needed)

BitWarden Password Manager

  • Remove access BitWarden

Corporate Applications

  • Remove access to Xero Employee Portal
  • Disable access to Vertic Salesforce

Cloud Services

  • Revoke access to Google Apps (completed via Step 1)

Communication Tools

  • Deactivate Slack user account
  • Deactivate JIRA user account

Developer and Technical Tools

  • Deactivate GitHub user account
  • Deactivate Copado user account

Post-Termination Verification

  • Verify deactivation of all accounts
  • Verify deactivation of BitWarden account
  • Review system logs for unauthorised access attempts
  • Close and archive relevant accounts
  • Transfer ownership of documents and files via Google Admin Console

  • No labels