Professional Documents
Culture Documents
MDT - On-Off Boarding Checklist - Template - V.4. - Revised 2013-11-25 - Medisetty
MDT - On-Off Boarding Checklist - Template - V.4. - Revised 2013-11-25 - Medisetty
Date Yes / No
Comments
On-boarding Checklist Verified or N/A
1. New member has been approved to be added by the IBM/
Medtronic combined Operations Committee
2. New GBS workforce member has completed required IBM Yes
DS&P Project Specific Training (IBM employees,
subcontractors and affiliates)
3. HIPAA education is completed at on boarding within 30 days NA
of on-boarding by eligible resource (and annually thereafter
and evidence retained for 6 years).
HIPAA Training HLS0102/ SRM21906
3. New GBS workforce member has completed or attended all Yes
Medtronic required Induction or Awareness training.
4. Access requests have been submitted to the appropriate
Process Owners to grant the new GBS workforce member
access to the appropriate: teamrooms, networks, or systems.
5. An on-boarding request has been submitted to MDT and
acknowledged by MDT.
6. The types of access requests (read, write, change, update,
ALL), submitted for the new GBS workforce member are
appropriate for the role they will be performing on the project,
contract or account.
7. Access to Medtronic PHI has been approved by BAM/ PM
with appropriate business need to access regulated data.
8. The Client is aware of the new GBS workforce member, the
role they will be performing, the systems they will be
accessing and the type of access they will need.
9. The new GBS workforce member is aware of the type of Yes
information they will have access to (for example, Client
sensitive personal information) in the systems, applications or
databases they will have access to.
10. The Resource Master List has been updated.
11. Project documentation (roles and responsibilities, SOD,
Workforce Member Master Log, User access list) has been
IBM Confidential Page 1
Date Yes / No
Comments
On-boarding Checklist Verified or N/A
updated to include this new GBS workforce member and the
role they will be performing.
12. If GR resource, work permit has been established
13(i). New resource has submitted documents for background Yes
checks
13(ii). Background check and drug testing completed according to
contractual requirements.
14. New GBS workforce member’s PC is compliant with
ITSC300. PGP Whole Disk Encryption is installed and
operating.
15. If the new GBS workforce member will have any privileged Yes
access, they are aware of workstation usage restrictions
according to IBM standards (as defined in ITCS300).
16. Workforce member’s ISAM record is updated to reflect their Yes
current project job role
17. ITCS300 compliance validation is reviewed to assure ISAM Yes
Risk Indicator is set to SPI and HIPAA
18. Resource has signed HIPAA acknowledgment form. NA
19. New GBS workforce member understands that they should Yes
not use any Open Source Software or LinuxOS on this project
without appropriate IBM approval regardless of how obtained
(e.g. client provided).
Date Yes / No
Comments
Off-boarding Checklist Verified or N/A
1. All software licenses (not part of the MDT Standard Load)
have been returned to their owner, and the software removed
from the MDT workstation.
2. Documents and information related to the project or area
have been returned. Confidential documents have been
returned (or destroyed as required). IBM CONFIDENTIAL
information has been removed from MDT issued hardware/
workstations.
3. Formal communications with the Client was sent informing
the client that the GBS workforce member is leaving the
project.
4. MDT hardware/workstations have been returned to MDT in a
state consistent with MDT policies (regarding hard drive
formatting, with power on and windows passwords identified
or removed etc.), and the email captured showing receipt of
the hardware return.
5. If applicable, desktop and laptop(s) have been returned. If
client hardware, all IBM Confidential information has been
removed in a manner so that it cannot be recreated. Hard
disk was reformatted if necessary.
6. Confirm all MDT Confidential, Personal Information, Sensitive
Personal Information (including application data and project-
specific code) has been removed from the GBS workforce
member's workstation and other portable storage media used
by the workforce member before the workforce member has
IBM Confidential Page 2
Date Yes / No
Comments
Off-boarding Checklist Verified or N/A
left the project, contract or account..
Completed checklists are stored in the Medtronic teamroom and retained for a minimum of 24 months from off-
boarding