Let me clarify: the type of procedure I suggested requires close collaboration between HR, legal, IT and the department the employee is in, and it requires careful execution. That can ensure that employees are not terminated while they are out sick, among other things.
For example:
It's Friday afternoon. HR calls department manager and asks them if Bob is currently at his desk. Department manager confirms.
HR then asks department manager to ask to have a quick chat with Bob, and to notify HR immediately before that meeting starts. Department manager arranges this with Bob, who is wrapping up another meeting.
15 minutes later, department manager sends an email or IM to HR saying he/she and Bob are about to head over to the meeting room, where Bob will be fired.
HR confirms, then contacts the IT department and asks them to immediately revoke Bob's access to all critical systems. (The procedure for this will be established well in advance, and documented. Ideally a script will make this a single-click operation.)
In the meeting, Bob finds out that he is being let go at the end of the day, and told that he can spend the remainder of his time at the office saying goodbyes and maybe even writing a goodbye email to his coworkers if he chooses to do so. He is explicitly instructed to BCC his manager and HR in that email. He is also made aware, both verbally and in writing, that his access to all other systems has been revoked, and even attempting to use those systems will alert HR and result in him immediately being escorted out.
--
Of course you also need strict policies such as "employees cannot use their personal email addresses when signing up for products and services on behalf of the company." That way if you fire someone you don't lose access to critical systems. Have a shared email for each department that is used for that purpose.
For example:
It's Friday afternoon. HR calls department manager and asks them if Bob is currently at his desk. Department manager confirms.
HR then asks department manager to ask to have a quick chat with Bob, and to notify HR immediately before that meeting starts. Department manager arranges this with Bob, who is wrapping up another meeting.
15 minutes later, department manager sends an email or IM to HR saying he/she and Bob are about to head over to the meeting room, where Bob will be fired.
HR confirms, then contacts the IT department and asks them to immediately revoke Bob's access to all critical systems. (The procedure for this will be established well in advance, and documented. Ideally a script will make this a single-click operation.)
In the meeting, Bob finds out that he is being let go at the end of the day, and told that he can spend the remainder of his time at the office saying goodbyes and maybe even writing a goodbye email to his coworkers if he chooses to do so. He is explicitly instructed to BCC his manager and HR in that email. He is also made aware, both verbally and in writing, that his access to all other systems has been revoked, and even attempting to use those systems will alert HR and result in him immediately being escorted out.
--
Of course you also need strict policies such as "employees cannot use their personal email addresses when signing up for products and services on behalf of the company." That way if you fire someone you don't lose access to critical systems. Have a shared email for each department that is used for that purpose.