We currently have our offboarding checklist (for operations) on https://office.wikimedia.org/wiki/VerboseOffboard.
I am uncertain of the validity of the IT section of this document. I've chatted with Joel, and it seems that possibly not all HR dismissals are communicated to them in the same fashion.
This was triggered by T108126, as it lists ex-employees who did NOT have production shell access, but did have labs access and were assgined to the ldap wmf group. These should have been cleaned as a matter of course, but I cannot find any tasks for them.
Ideally, we would have the HR department file a task for these. Since these are very specific requests, I think they are deserving of their own project. I'd suggest #ops-access-removals, as it follows our current standard for SRE-Access-Requests (and our internal team Ops-Access-Reviews)
If it needs to be a private task, anyone filing a task would need to ensure they select the 'Other confidential issue' from the security drop down box. Since many of the offboarding actions are not private (git logs and the like), I'm not sure there is any good reason to make ALL of these project tasks default to private; just set that on a one by one basis when creating the tasks.
We can create hyperlinks (like the others under https://wikitech.wikimedia.org/wiki/Operations_requests which will generate the task and all needed settings, leaving HR to populate the name field.
IRC discussion on 2015-08-06 lead to the above adjustments (this task initially was Ops and IT, now is Ops and HR). Mark will be chatting with Terry and others next week. Ideally our process would include both Ops and IT being notified by the same process.