Blog → Zendesk Employee Off Boarding Checklist: 8 Essential Steps

Zendesk Employee Off Boarding Checklist: 8 Essential Steps

April 08, 2026
employee off boarding checklist zendesk offboarding license management saas cost savings it security
Zendesk Employee Off Boarding Checklist: 8 Essential Steps

Meta description: Ex-employees with active Zendesk access create security risk and wasted spend. Use this employee off boarding checklist to revoke access and recover licenses.

An ex-employee left three months ago. Their Zendesk seat is still active. If you’re on Suite Professional, that can mean $115 per agent per month on annual billing. Worse, they may still be able to log in, read tickets, and view customer data.

That is not a rare edge case. It is what happens when offboarding lives in email threads, spreadsheets, and someone’s memory. Formal processes are more common now, with 70% of organizations having a documented offboarding process according to 2025 statistics highlighted by Newployee’s roundup of industry data, but the gap between having a process and closing access is still where teams get burned: https://www.newployee.com/blog/employee-offboarding-statistics-for-2025.

For Zendesk admins, an employee off boarding checklist needs to be more technical than a generic HR template. You are not just collecting a laptop and removing Slack access. You are dealing with agent seats, admin roles, open tickets, OAuth connections, macros, data exports, and finance questions about why the bill has not gone down.

Use the checklist below when someone leaves, changes roles, or finishes a contract. The steps are in the order that usually causes the least pain. Security first. Customer continuity second. Documentation third. Cost recovery throughout.

1. Revoke Zendesk Agent Access and Licenses

Do this on the employee’s last working day, not whenever someone gets around to it.

The biggest mistake I see is treating Zendesk deactivation as a cleanup task. It is not cleanup. It is an access control event. Only 44% of companies revoke all access rights within 24 hours of departure, according to data cited by Newployee from Gartner: https://www.newployee.com/blog/employee-offboarding-statistics-for-2025.

What to remove first

Start with the Zendesk user account itself. Check whether the person is:

If they had elevated rights, check Admin Center, business rules, and any shared credentials your team should not be using in the first place.

A common failure mode is deactivating the person in your IdP and assuming Zendesk is done. Sometimes it is. Sometimes it is not. If SSO is misaligned, if provisioning drifted, or if a contractor was created manually, that seat can stay assigned.

What works and what does not

What works:

What does not:

Disable access first. Preserve the account history long enough to transfer ownership, export what you need, and document the change.

Real-world scenario: a support manager leaves, but their admin account remains because the team wants to preserve old macros and views. You do not need active access for that. Reassign those assets, then remove the seat.

2. Conduct License Audit and Cost Recovery Analysis

Once access is cut, look at the seat you just freed and ask a harder question. Do you need it at all?

Many teams stop too early. They remove one user and feel done. Meanwhile, other inactive seats stay on the account because nobody checked broader usage patterns.

Zendesk pricing makes that expensive fast. Annual billing rates are listed at $55 for Suite Team, $89 for Growth, $115 for Professional, and $169+ for Enterprise per agent per month. If you offboard someone from a 30-person team and reassign the seat without checking demand, you can carry avoidable spend into your next renewal.

Audit before you reassign

Run the audit before you hand that seat to the next hire. Look at:

Nudge Security’s survey found that teams spend an average of 5 hours per employee on offboarding tasks, and more than 1 hour can go just to compiling a full list of cloud and SaaS access across multiple sources: https://www.nudgesecurity.com/post/employee-offboarding-by-the-numbers.

That lines up with what happens in Zendesk-heavy environments. By the time you check Admin Center, HR records, and your IdP, you have already lost time. You also still may not know whether the seat was needed.

Turn one departure into a broader cleanup

Use the departing employee as a trigger for a wider review. I would look at every agent in the same group, then sort by recent activity. If multiple seats show little or no usage, you may have a staffing shift, not a one-person vacancy.

A solid software license auditing approach helps you separate three decisions:

Finance cares about that distinction. So should you.

Good offboarding is not only about revoking access. It is one of the cleanest moments to challenge whether your current Zendesk license count still matches reality.

Scenario: a QA analyst with occasional ticket access leaves. Instead of auto-replacing the seat, the admin checks usage and finds that two other occasional users could share workflow coverage without needing full agent capacity.

3. Transfer Ticket Ownership and Customer Relationships

If you deactivate first and sort tickets later, customers feel it.

The handoff has to happen before the account goes dark. Open tickets, pending replies, side conversations, escalations, and account-specific context need a new owner. If the departing employee handled named accounts or internal queues, that transfer matters even more.

Reassign work with intent

Do not bulk assign every open ticket to one unlucky teammate. Split by queue, skill, language, priority, and customer tier.

A better handoff usually includes:

In Zendesk, views make this manageable. Filter by assignee, status, organization, tags, and forms. Build a departure view if your team handles this often.

Do not lose the undocumented stuff

Remote and hybrid teams often struggle with this. Standard checklists tend to mention “knowledge transfer” but skip the messy platform-specific details, like personal macros, ad hoc triage habits, or niche views only one agent understands.

That gap matters. The University of Washington hybrid offboarding page points to the need for more structured remote handoffs, and the research summary tied to that source notes that hidden responsibilities are often missed in distributed teams: https://hr.uw.edu/hybridwork/managing-the-hybrid-workplace/offboarding-checklist/.

What works in practice:

Scenario: your most experienced billing support agent leaves. Their ticket count looks normal, but they also maintain unofficial macro language for refund edge cases. If nobody captures that, the replacement team gives inconsistent answers for weeks.

4. Remove Access to Zendesk Integrations and Connected Tools

The Zendesk account is only part of the exit.

A departed employee may have touched Salesforce, Jira, Slack, HubSpot, Stripe, Aircall, or a private knowledge base through Zendesk-connected workflows. If you stop at core account deactivation, old tokens and app permissions can stay alive in places your HR checklist never mentions.

Map every connection the person used

Check the obvious systems first, then the ones teams forget:

This part is painful when you do not maintain a current app inventory. In many teams, the support org adds tools over time and documents none of it well.

Why this step is often incomplete

iSpring’s offboarding checklist highlights the general need to revoke system access, but the research around that source points out a recurring blind spot in most checklists: they do not go deep on SaaS license and software access cleanup for tools like Zendesk, especially where usage-based review could recover idle seats and linked app access: https://www.ispring.com/knowledge-hub/offboarding-checklist.

That tracks with real life. Generic templates say “remove systems access.” They do not tell you where support teams usually leave residue:

If a user could reach customer data through Zendesk or because of Zendesk, put that system on the checklist.

Scenario: a senior agent is removed from Zendesk, but their Salesforce user remains active because they only touched it through the sidebar app. Weeks later, nobody remembers they still had direct CRM access.

Test critical workflows after removal. Make sure automations still run. A bad offboarding process can break routing just as easily as it can leave access open.

5. Backup and Archive Agent Data and Communications

Do not deactivate first and then realize you needed the data.

You may need ticket history, internal notes, attachments, audit trails, or evidence tied to a dispute, regulatory review, or customer complaint. Once the account is removed from active use, getting everything back is slower and messier.

Preserve key data

You do not need to export every byte every time. You do need a repeatable rule for what gets kept and where.

Focus on:

The key point is sequencing. Archive first, deactivate second, delete last.

Build retention into the process

If you have legal or regulated retention needs, involve the right owner before the final day. Support teams often assume IT or legal is already handling it. Sometimes nobody is.

What works:

What does not:

Scenario: an agent handled a long-running escalation with finance and legal involved. Six months later, the customer disputes what was promised. If your only record is the public thread and you lost the private notes and attachments, your team has to reconstruct the story from fragments.

Data retention is not glamorous. It is one of the few offboarding steps you only appreciate after something goes wrong.

6. Update Team Rosters and Redistribute Workload Allocation

After the account is gone, your queue design changes whether you planned for it or not.

Support leaders often treat staffing and offboarding as separate topics. In Zendesk they are tightly linked. Remove one experienced agent and you may also remove language coverage, escalation judgment, admin backup, or a niche product specialty.

Rebalance by skill, not headcount

A one-to-one replacement mindset causes problems. Two agents with lighter workloads may absorb one departure better than a rushed backfill. In other cases, one specialist leaves and your metrics drop because nobody else can handle that queue.

Update the things teams often forget:

Then monitor what changed.

Watch the next few weeks closely

Offboarding spills into service quality. Newployee’s roundup cites Forbes reporting that 59% of companies have experienced data breaches linked to inadequate offboarding processes, which is the security side of the problem, but the operational side is just as real when incomplete handoffs and role changes leave teams scrambling: https://www.newployee.com/blog/employee-offboarding-statistics-for-2025.

For workload management, I would check:

Scenario: a bilingual agent exits. You remove the seat correctly, but you forget they were the unofficial owner of your weekend queue for one region. Nothing breaks on day one. By day five, unresolved tickets pile up because routing still points to old assumptions.

Be transparent with the team. If coverage will be thinner for a while, say so and adjust targets where needed. Distributing work without context is how burnout starts.

7. Document Offboarding Actions and Update License Inventory

If it is not documented, your future audit turns into archaeology.

Many teams do the work, then fail to capture what happened. Months later, finance asks why the Zendesk invoice stayed flat after several departures. IT says seats were removed. HR says they closed the tickets. Nobody has one record everyone trusts.

Keep one source of truth

Your offboarding record should include:

Only 68% of companies maintain dedicated compliance checklists according to data cited in Newployee’s 2025 roundup: https://www.newployee.com/blog/employee-offboarding-statistics-for-2025. That gap shows up fast in SaaS admin work, where it is easy to complete steps informally and impossible to prove them later.

Update the license inventory right away

A stale inventory causes two kinds of damage. Security misses old access. Finance keeps paying based on outdated assumptions.

Your inventory does not need to be fancy. It does need to answer these questions at a glance:

Scenario: a contractor leaves, the admin removes access, but the internal tracker is not updated. A month later another admin sees an “available” seat in a spreadsheet that was already reassigned. They buy an unnecessary additional license because the inventory cannot be trusted.

Documentation helps mature teams save time later. You are buying down future confusion.

8. Implement Proactive License Monitoring to Prevent Future Inactive Licenses

Manual offboarding catches one event. Ongoing monitoring catches the drift that manual processes miss.

That drift results in ghost seats. People move teams. Contractors roll off. Temporary admins finish projects. Accounts stay paid because nobody is looking between renewals.

Use inactivity as an operational signal

Start with a clear rule for review. You do not need an aggressive auto-removal policy. You need a defined trigger that tells you when a human should look.

A good monitoring setup usually includes:

Nudge Security’s survey found only 32% of organizations have automated 75% or more of their IT offboarding for cloud and SaaS access, despite broad confidence in their process: https://www.nudgesecurity.com/post/employee-offboarding-by-the-numbers.

That gap is exactly why teams keep finding old Zendesk seats months after a departure.

Make offboarding part of ongoing license governance

A dedicated tracking approach helps here. A software license tracking system for Zendesk and other SaaS tools gives you a repeatable way to spot unused seats before renewal season forces the conversation.

What works:

What does not:

Scenario: a support engineer moved into product operations but kept an agent seat for occasional ticket lookups. Months later, they have not touched Zendesk. Nobody notices because they were never formally offboarded from support.

Zendesk Employee Offboarding: 8-Point Checklist Comparison

Item 🔄 Implementation Complexity ⚡ Resource Requirements 📊 Expected Outcomes 💡 Ideal Use Cases ⭐ Key Advantages
Revoke Zendesk Agent Access and Licenses Low–Medium: straightforward admin deactivation; watch timezones Admin privileges, Zendesk UI; optional automation tool Immediate license free-up, reduced unauthorized access Immediate offboarding, quick cost recovery Fast security closure; rapid cost reclamation
Conduct License Audit and Cost Recovery Analysis Medium–High: data collection and analysis required Access to usage logs, finance input, analytics tools Quantified savings, plan optimization recommendations Pre-offboarding reviews and budget reforecasting Data-driven decisions; measurable ROI
Transfer Ticket Ownership and Customer Relationships Medium: ticket routing rules and manual handoffs Agent time, routing rules, documentation effort Continued SLA compliance, reduced customer impact Departures of senior/specialized agents Preserves service continuity and knowledge transfer
Remove Access to Zendesk Integrations and Connected Tools Medium–High: mapping integrations and revoking tokens IT support, vendor contacts, integration logs Reduced downstream security risk, closed attack vectors Offboarding with many connected apps or sensitive data Closes cross-system security gaps; prevents data exfiltration
Backup and Archive Agent Data and Communications Medium–High: large exports and indexing Storage, backup tools or third‑party archivers, legal input Retained records for compliance and e-discovery Regulated industries or litigation holds Preserves audit trail and institutional knowledge
Update Team Rosters and Redistribute Workload Allocation Medium: analysis + reassignments, monitoring post-change Workforce management tools, manager time, analytics Balanced queues, maintained SLA performance Small teams or specialized skill gaps Prevents bottlenecks; enables staffing decisions
Document Offboarding Actions and Update License Inventory Medium: process discipline and record-keeping Central repository, checklists, cross-team sign-offs Audit-ready trail, accurate license inventory Enterprises with compliance/audit requirements Ensures accountability and accurate financials
Implement Proactive License Monitoring to Prevent Future Inactive Licenses Medium: initial setup, policy tuning Monitoring tool (e.g., LicenseTrim), HR integration Ongoing license savings, fewer manual audits Organizations with recurring churn or many tenants Turns one-off recoveries into continuous optimization

Turn Offboarding From a Cost Center Into a Savings Opportunity

A good employee off boarding checklist protects customer data, keeps queues moving, and gives finance a cleaner number to work with. It also fixes a problem that tends to hide in plain sight. Zendesk seats rarely disappear on their own. They stay active because someone assumed another team handled it.

That is why generic HR offboarding documents fall short for Zendesk admins. They usually cover laptops, email, and a manager handoff. They do not cover agent licenses, admin permissions, marketplace apps, ticket reassignment, view ownership, or the difference between deactivating a user and reducing paid seat waste.

You do not need a huge process to fix that. You need a disciplined one.

Start with the order of operations:

Following that sequence helps many teams improve fastest.

It also helps to accept one trade-off. Manual offboarding gives you control, but it is easy to miss the quieter forms of waste. A contractor account created outside your IdP. A temporary admin seat nobody removed. A role change that left someone with paid access they no longer need. Those do not show up neatly in an HR termination workflow.

The broader issue is not only departures. It is inactivity.

Newployee’s roundup cites Ponemon Institute data saying 20% of data breaches involve ex-employees within six months after departure, and the same roundup also cites Cybersecurity Ventures saying 85% of IT professionals see offboarding as a peak vulnerability period: https://www.newployee.com/blog/employee-offboarding-statistics-for-2025. That should get your attention from a security angle. From a budget angle, the problem is just as practical. Every forgotten seat rolls into another invoice.

If you manage Zendesk for a mid-sized team, build this into your standing operating rhythm. Run the checklist on every departure. Then review inactive seats on a schedule, not only when someone resigns.

LicenseTrim is one option if you want that review to rely on usage data instead of spreadsheet guesses. It connects to Zendesk with read-only access through OAuth, flags inactive agents, and shows how much spend is tied up in unused licenses. That is useful when you want to turn a one-time offboarding cleanup into ongoing license governance.

Your next step should be concrete. Pick one recently departed employee and audit everything that should have happened: account deactivation, ticket transfer, integrations, archives, and seat recovery. If that check finds one miss, your process needs tightening. If it finds several, fix the workflow before your next renewal, not after it.

If you want a faster way to spot inactive Zendesk seats before they turn into another renewal surprise, try LicenseTrim. It audits agent usage with read-only access and shows where unused licenses are still costing you money.