Preparing for Key IT Staff Turnover Guide

An FRSecure Self-Help Document of Guidelines and Best Practices

When key IT or security staff leave your organization, for whatever reason, it’s important to have a plan that limits lapses in security efforts and protection during the transition period. The ability to continue normal business operations through the changes is critical to properly protecting information.

This guide is meant to be a starting point for your business. It paints a picture of what things you need to be thinking about when preparing for IT staff turnover and allows you to mold and shape policies and procedures from its recommendations.

This document will help you:

  • Understand what’s important to address during the transition
  • Think about IT staff turnover like disaster recovery
  • Shape recommendations into actions and policies while logging the changes

Preparing for Key IT Staff Turnover

Turnover of key IT staff requires additional planning and steps to ensure that the company protects itself from malicious activity during the turnover process and continues normal business operations. Your organization’s standard user turnover activities still apply: disabling network access, remote access, system accounts, and access cards; retrieving assets; changing any shared passwords; reminding the departing user of NDA requirements; etc. When key IT staff depart, there are additional turnover activities to consider.

When planning for a key IT staff turnover, it’s useful to reference your disaster recovery strategy. The key activities documented in your disaster recovery plan as needed to resume business operations are many of the same key IT activities that you want to keep operating smoothly after the staff member’s departure.

Below is a list of information security items to address for a key IT staff turnover. While not all-inclusive, this list provides much of the foundational knowledge needed to ensure continued operation of your network:

  • Make sure an updated inventory of assets exists – know what assets you have and what assets you need to focus protection on.
  • Make sure an updated network diagram and data flow diagram exist – make sure you have full visibility of your network and don’t lose sight of lesser-used resources with the loss of staff.
  • Inventory administrative accounts – create an inventory of all administrative accounts and passwords (including service accounts) that the user had access to; if a password keeper is in use, change the password.
  • Inventory administrative tools and functions – be sure you know what tools are used for key functions like patch management, AV/malware, email gateway, logging and alerting, backup, etc.
  • Inventory all encryption keys and certificates – create an inventory of all encryption keys and certificates along with their use, expiration, and any support details.
  • Inventory all key vendors/external contacts and functions – create an inventory of key support contacts that can be utilized to ensure a smooth transition and continued operation of your network; also ensure all maintenance agreements are documented.
  • Document key processes – make sure standard and specialty tasks have documented operating procedures.

Definitions

See Appendix A: Definitions

Waivers

Waivers from certain policy provisions may be sought following the FRSecure Waiver Process.

Enforcement

Personnel found to have violated this policy may be subject to disciplinary action, up to and including termination of employment, and related civil or criminal penalties.

Any vendor, consultant, or contractor found to have violated this policy may be subject to sanctions up to and including removal of access rights, termination of contract(s), and related civil or criminal penalties.