Skip to content

Appendix I. Cookie Policy

Approved Software

2025.2

CAP Index Employee Exiting/Temrination checklist is as follow:

IT / Security

-[ ] Immediate Account Deactivation: As soon as an employee leaves, their AD account is immediately deactivated and revoke active sessions. This prevents unauthorized access and maintains security.

-[ ] Password Change: Change the password of the account to ensure that the former employee cannot access it, even if they know the original password.

-[ ] Audit and Review Access Rights: Conduct a thorough review of the access rights associated with the account. Ensure that all permissions are removed or adjusted as necessary to prevent unauthorized access to sensitive data. This includes any internal/external websites.

-[ ] Data Backup and Transfer: Before deactivating the account, ensure that any important or business-critical data is backed up and transferred to the appropriate team or individual within the organization.

-[ ] Retention Policy Compliance: Follow CAP Index’s data retention policy. If the policy requires retaining certain user data for a specific period, ensure that this is adhered to.

-[ ] Disable or Redirect Email: Disable the email account or set up email forwarding to a manager or replacement employee. An autoresponder can also be configured to inform senders of the employee’s departure.

-[ ] Email Retention: Create backup of pst for archive purposes. Once backed up, convert to shared mailbox.

-[ ] OneNote Document Retention: Create backup of user OneNote for archive purposes. Once completed remove E5 license if needed.

-[ ] Document Actions: Keep a record of all actions taken regarding the deactivation and handling of the former employee’s account. This documentation is essential for audits and compliance.

-[ ] Regular Account Audits: Periodically review and audit inactive accounts. Remove or archive accounts that are no longer needed or are outside of the retention policy window.

-[ ] Group Membership Cleanup: Remove the user from any distribution lists or security groups to prevent unnecessary access or receipt of sensitive information.

-[ ] Use of a Standardized Offboarding Process: Implement a standardized offboarding process that includes steps for handling AD accounts. This ensures consistency and reduces the risk of overlooking critical security measures.

-[ ] Legal and HR Coordination: Coordinate with legal and HR departments to ensure compliance with any legal requirements or company policies related to employee data and access.

-[ ] Monitoring for Suspicious Activity: Even after deactivation, monitor the accounts for any suspicious activity. This can help in identifying potential security breaches.

Operations

-[ ] Send an email to changes@protectionbureau.com to the attention of Rich Rissel to delete employee from the alarm code listing effective immediately.

-[ ] Retrieve fob and/or keys.

-[ ] Retrieve computer, etc. (any CAP Index property).

-[ ] To term Dental Insurance go to the Emerson Reed Website as of 2-1-2021: https://www.mybenefitbilling.com.

-[ ] To term Health Insurance go the the IBX website https://www.ibx.com and make the changes effective 2-1-2021.

-[ ] Go to the Hartford Website at https://employerview.hartfordlife.com and term the employee from our Group Life & Disability Insurance.

Following these practices helps maintain security and compliance in the organization, ensuring that the departure of an employee does not create vulnerabilities or compliance issues.