Offboarding Checklist (Coming Soon)
Optserv's upcoming structured offboarding checklist — credential rotation prompts, access revocation tracking, and collaborative completion.
Offboarding is one of the highest-risk moments in the employee lifecycle. A missed step — a shared password not rotated, a tool access not revoked — can leave a former employee with access they shouldn't have.
Optserv is building a structured offboarding checklist to make this process explicit and trackable.
The problem with ad-hoc offboarding
When someone leaves, the typical process involves:
- Someone remembers to revoke access
- They try to recall every system the person had access to
- Some systems get missed
- Weeks later, the former employee still has access to something they shouldn't
This is a process problem, not just a security problem. Without a defined checklist, offboarding relies on the institutional memory of whoever is handling it.
What the checklist will do
Automatic scope detection
When an employee is marked for offboarding, Optserv will compile their access scope:
- Staff role — what workspaces and features they had access to
- Account Sharing items — every shared credential they appeared in (as owner or member)
- School records — if they were assigned as a teacher
- Documents — files they owned
Credential rotation prompts
For each Account Sharing item they had access to, the checklist will prompt:
Jake had access to Instagram (@company), Stripe Dashboard, and Google Analytics Admin. → Rotate Instagram password → Rotate Stripe API key (or remove Jake from team members) → Verify Analytics — was he an account-level user or just view access?
This turns vague "revoke access" steps into specific, actionable prompts.
Collaborative completion
Offboarding often involves multiple people (IT, HR, their manager). The checklist supports:
- Assigning specific steps to specific people
- Tracking completion status per step
- Overall completion status so Admin and HR know the offboarding is done
Post-offboarding access confirmation
After all checklist items are marked complete, Optserv generates a summary:
- What was revoked automatically (Optserv-managed access)
- What was revoked manually (credential rotations, external tool access)
- What was left to the team's discretion (with notes)
Current behavior (without checklist)
Account Sharing access is automatically revoked when an employee is offboarded — this already happens today. What the checklist adds is:
- A structured view of what was revoked
- Prompts for things Optserv can't automatically revoke (the underlying password at Instagram, the API key at Stripe)
- A completion record for audit purposes
Timeline
The offboarding checklist is in development. No public ship date yet. See the Roadmap for updates.