Leaver Risk Checklist
A leaver risk checklist helps organizations manage trusted access and sensitive-data exposure before, during, and after employee departure.
Primary Audience & Scope
HR, managers, IAM, Security, Legal, program managers
When to Use
- •A workforce or third-party lifecycle event occurs.
- •High-impact access needs review.
- •Evidence of access decisions is required.
Interactive Work Area
Fill or track items interactively and copy out to your Clipboard
Template Table Structure
| Field | Working prompt | Item | Required evidence / record |
|---|---|---|---|
| Person or entity | Name, ID, role, organization, sponsor | Trigger | Departure, role change, contract end, review cycle, incident, exception |
| Access scope | Systems, data, facilities, privileged rights, groups, shared spaces | Decision | Keep, remove, modify, suspend, exception, investigate |
| Owner | Manager, IAM, data owner, vendor manager, Legal/HR as applicable | Due date | YYYY-MM-DD |
| Validation | Evidence that action was completed and reviewed | — | — |
Checklist Audit List
Departure type and date recorded.
Manager confirms role, projects, data ownership, and sensitive access.
IAM exports current access, groups, privileged roles, service ownership, and third-party accounts.
Security reviews recent sensitive data movement within approved boundaries.
Legal/HR review enhanced steps for involuntary, disputed, executive, privileged, or competitor transitions.
Devices, badges, keys, tokens, and documents returned.
Accounts, sessions, forwarding rules, tokens, OAuth grants, API keys, and repositories disabled or transferred.
Post-departure validation confirms access removal and no unauthorized activity.
What Completion Looks Like
- 1Access decisions recorded.
- 2Removals validated.
- 3Exceptions time-bounded.
- 4Evidence retained.
- 5Owner and due date assigned.
Insider Risk Capability Framework™ (IRCF™) Alignment
Operationalize This Template in RiskTKO®
Use RiskTKO® or request ITMG® support to adapt this template, align it to the Insider Risk Capability Framework™, and connect the output to measurable exposure reduction. Mover Risk Checklist