A technician is completing the offboarding checklist for an employee whose access ends today. Which of the following actions most directly prevents the former employee from re-entering company premises or using company-owned hardware after departure?
Collect all company-issued access badges, keys, and portable devices from the employee.
Forward the employee's mailbox to their manager and leave the account enabled for 30 days.
Change the employee's network password and email it to their personal address for reference.
Postpone disabling the employee's VPN account until Human Resources finalizes paperwork.
Retrieving all company-issued access badges, keys, laptops, smartphones, and similar devices ensures that no physical token or hardware containing corporate data remains in the former employee's possession. NIST SP 800-53 PS-4 (Personnel Termination) explicitly requires organizations to "retrieve all security-related … property" such as identification cards and hardware tokens. Failing to do so leaves a path for unauthorized physical entry or data extraction, whereas the other options either leave some form of access in place or expose credentials to unnecessary risk.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why is collecting company-issued access cards and devices important during termination?
Open an interactive chat with Bash
What could happen if the access cards and devices are not collected?
Open an interactive chat with Bash
What is the purpose of an exit interview in the termination process?