All answers
What is an IT offboarding procedure?
March 6, 2026·2 min read·SOPs by Role and Use Case
An IT offboarding procedure is a step-by-step checklist for revoking a departing employee's access to company systems, recovering hardware, and securing data. It covers disabling accounts (email, SSO, SaaS tools), transferring file ownership, revoking VPN and building access, wiping devices, and archiving the employee's data. A missed step can leave the company exposed to unauthorized access.
What does an IT offboarding checklist include?
| Category | Actions |
|---|---|
| Identity & access | Disable SSO account, reset passwords, revoke MFA tokens |
| Disable account, set up auto-forward or out-of-office, transfer mailbox ownership | |
| SaaS tools | Deactivate accounts in CRM, project management, communication tools |
| Cloud storage | Transfer Google Drive/OneDrive ownership, archive shared files |
| Code & infrastructure | Revoke GitHub/GitLab access, rotate API keys, remove SSH keys |
| VPN & network | Disable VPN credentials, revoke Wi-Fi certificates |
| Physical access | Deactivate badge, recover building keys |
| Hardware | Collect laptop, phone, monitors; initiate device wipe |
| Communication | Remove from Slack channels, distribution lists, shared calendars |
What is the typical timeline?
| Timing | Action |
|---|---|
| Last day (immediate) | Disable SSO, email, and critical system access |
| Within 24 hours | Deactivate all SaaS accounts, revoke VPN |
| Within 1 week | Collect hardware, transfer file ownership, archive data |
| Within 30 days | Delete account data per retention policy |
How do you document this efficiently?
Record each deactivation step in your admin consoles using Glyde. The capture tool creates visual guides showing exactly which buttons to click in Google Admin, Okta, or Azure AD. This ensures any IT team member can execute the offboarding — not just the person who set up the accounts.
This answer is part of our guide to SOPs by role and use case.