H
As additional ideas, I’d recommend some of the following ideas in streamlining information capture and termination procedures:
– For terminations, HR should only be responsible for sending IT security an email with an effective date/time (or calling the ‘hot line’ in the case of a high profile termination). This keeps their job simple and usually they don’t have the details associated with equipment issued to the employee. Once they are in the loop, the timeliness and communications will improve considerably.
– The manager of the terminating employee or IT should be responsible for maintaining an inventory of physical equipment issued to employees. This can help in collecting cell phones, security entrance cards, tokens, laptops, or any other equipment issued to the employee.
– The IT security department should perform removal of security access. Usually, they can do this by platform at a high level, without having to go into the granular removal of access by file or server. In fact, removing all detailed access rights can be deterimental as often the new hire needs to be modeled after the departing employee. Some employees find that the ‘pastures aren’t always as green on the other side’ and occasionally they might be even rehired.
These ideas may not be applicable to all situations or organizations. Also dividing up the responsibilities into multiple areas means that everyone must treat these tasks as critical each time an employee leaves the company. Senior management may also have to promote and reinforce these policies as well. Still, having each area contribute where they have the most appropriate logical role has worked well in the past in my experiences