It can be an instinct to trust your employees; however, you must take precautions to ensure that your employees return digital assets appropriately. An employee may leave your business on a bad note and delay returning their company-owned laptop out of spite. Or an employee may simply forget to return their laptop charger and company flash drives while in the process of a promotion to a new department. Creating and enforcing a comprehensive Return of Assets Policy can help eliminate such events and smooth the process of offboarding employees.
This policy should be concise and clearly lay out the following points. It should then be issued to all employees and new hires.
- What is an Asset? The policy should list all assets that the policy applies to. These are all pieces of technical infrastructure owned by your organization and provided to employees for work-related purposes. Desktops, laptops, company mobile phones, desk phones, docking stations, keyboard and mice, cables, monitors, and removable storage devices are common company provided technologies that qualify as physical assets. Logical assets include software licenses, data including files and databases, and access to company software platforms. Oftentimes, logical assets do not need to be traditionally “returned”, instead their access can be revoked through typical offboarding procedures. Other assets include paper documents and keys for accessing facilities.
- Define Expectations for the Condition of Assets. You do not want company property returned with dirt and debris covering it. Therefore, your policy should define the expectations for the condition of physical technologies upon return. The policy should also clearly state the consequences of returning assets in poor condition, usually involving a financial penalty.
- Clearly State the Conditions for Return of Assets. These usually include the departure of an employee for any reason, but reasoning can also include transitioning roles and scheduled technology refresh cycles.
- State the Drop-off Procedure. This includes the location to drop off the assets, to whom the return needs to be confirmed with, any forms that should be completed, and a checklist for the receiving party to follow for confirmation of the return.
- Define the Deadline for Returns. The policy should define the grace period for employees to return the assets, usually in days or weeks.
- Define the Consequences for Late Return. Building off the previous point, make sure to outline the potential consequences of not returning assets. There should be multiple consequences arranged in a hierarchy. This could start with escalating financial penalties for late returns, to law enforcement involvement for refusal of return.
- Define Roles for Confirming and Validating the Return. This section should apply to the parties within your business that will handle the return of assets. These should be arranged as a checklist with the necessary roles noted. A typical arrangement would be the retrieval and confirmation of the return by a secretary, the inspection of the physical and digital condition of the assets by an IT director, and then the confirmation of the asset return and the asset details by a database administrator or other such role.