Offboarding is the structured process that takes place when an employee leaves the organization. From an information security perspective, offboarding includes deactivating all access, collecting devices and access media (badges, tokens), securing relevant data, and reminding the individual of ongoing confidentiality obligations (NDA). ISO 27001 Annex A.6.5 requires defined responsibilities after termination of employment. Incomplete offboarding leads to orphan accounts, which pose a significant security risk. Automate the process through your IAM system wherever possible to ensure no access is overlooked.