New User Account Provisioning
Overview
This article outlines the process for provisioning new user accounts and access for employees joining the organization. It covers the timeline, required information, systems provisioned, and coordination between HR, IT, and hiring managers.
Provisioning Timeline
Account provisioning follows a structured timeline to ensure new employees have everything they need on day one:
| Timeline | Activity | Responsible Party |
|---|---|---|
| 10 business days before start date | HR submits new hire request to IT | HR Department |
| 7 business days before start date | IT creates user accounts and provisions access | IT Service Desk |
| 5 business days before start date | Equipment ordered and configured | IT Infrastructure Team |
| 3 business days before start date | Workspace and phone setup completed | Facilities & IT |
| 1 business day before start date | Final verification and testing | IT Service Desk |
| Day 1 - Start date | Welcome email sent, onboarding begins | IT & HR |
Required Information
To provision a new user account, HR must provide the following information through the new hire request form:
Employee Details
- Full legal name (as it appears on government ID)
- Preferred first name (if different from legal name)
- Employee ID number
- Start date
- Employment type (full-time, part-time, contractor, intern)
- Personal email address for pre-start communications
- Personal mobile phone number
Organizational Information
- Department and cost center
- Job title
- Office location and building
- Reports to (direct manager name and email)
- Team or group assignment
Access Requirements
- Role-based access template (if applicable)
- Specific applications and systems needed
- Security clearance level (if applicable)
- Special access requests
- Distribution lists and shared mailboxes
Equipment Requirements
- Laptop model based on role (see Laptop Upgrade Policy)
- Monitor requirements (single, dual, ultrawide)
- Peripherals (keyboard, mouse, headset, webcam)
- Mobile device (if required by role)
- Docking station or adapters
- Special software or tools
Standard Account Provisioning
All new employees receive the following standard accounts and access:
Core Systems
- Active Directory Account: Network login and authentication
- Email Account: Microsoft 365 or Google Workspace mailbox
- VPN Access: Remote network connectivity
- WiFi Access: Corporate wireless network credentials
- Intranet Portal: Company information and resources
- IT Service Desk Portal: Submit support tickets and requests
Collaboration Tools
- Microsoft Teams or Slack workspace
- Video conferencing licenses (Zoom, Teams)
- Cloud storage (OneDrive, Google Drive, SharePoint)
- Calendar and scheduling tools
- Document collaboration platforms
HR and Administrative Systems
- HR management system (payroll, benefits, time off)
- Learning management system
- Employee directory
- Expense reporting system
- Time tracking system (if applicable)
Username and Email Assignment
Usernames and email addresses follow standardized naming conventions:
Standard Format
- Username: firstname.lastname (e.g., john.smith)
- Email: firstname.lastname@company.com
- Display Name: Firstname Lastname
Conflict Resolution
If the preferred username already exists:
- Add middle initial: firstname.m.lastname
- Add number: firstname.lastname2
- Use preferred name if specified
- Consult with hiring manager for alternatives
Role-Based Access Provisioning
Access is granted based on job role using predefined templates:
| Role Category | Example Roles | Additional Access Granted |
|---|---|---|
| Engineering | Software Developer, DevOps Engineer | Code repositories, development tools, build systems, cloud platforms |
| Sales | Account Executive, Sales Rep | CRM system, sales analytics, proposal tools, customer databases |
| Marketing | Marketing Manager, Content Creator | Marketing automation, analytics platforms, design tools, social media management |
| Finance | Accountant, Financial Analyst | ERP system, financial reporting, budgeting tools, payment systems |
| HR | Recruiter, HR Specialist | Applicant tracking system, HRIS, benefits administration, background check tools |
| Executive | VP, Director, C-Level | Business intelligence, executive dashboards, board portals, enhanced security |
Security Configuration
All new accounts are configured with standard security settings:
Authentication
- Temporary password provided (must be changed on first login)
- Multi-factor authentication (MFA) required
- Password complexity requirements enforced
- 90-day password expiration policy
Device Security
- Full disk encryption enabled
- Mobile device management (MDM) enrollment
- Endpoint protection and antivirus
- Automatic screen lock after 5 minutes
- Remote wipe capability enabled
Data Security
- Data loss prevention (DLP) policies applied
- Email encryption for sensitive content
- Cloud backup enabled
- Access logging and monitoring
Equipment Preparation
IT prepares new employee equipment according to specifications:
Laptop Configuration
- Install latest operating system and updates
- Join device to company domain
- Install standard application suite
- Configure email and calendar
- Install role-specific software
- Enable security features and policies
- Create local admin account for IT support
- Apply asset tag and record in inventory system
Standard Software Installation
- Microsoft Office Suite or Google Workspace
- Web browsers (Chrome, Edge, Firefox)
- VPN client
- Antivirus and endpoint protection
- Video conferencing software
- Password manager
- Adobe Acrobat Reader
- Compression tools (7-Zip, WinRAR)
Workspace Setup
Physical workspace is prepared in coordination with Facilities:
Desk Setup
- Laptop, monitor(s), keyboard, and mouse
- Docking station and cables
- Phone (if applicable)
- Headset for video calls
- Power strips and cable management
- Welcome packet with IT quick start guide
Phone Provisioning
- Assign phone number
- Configure voicemail
- Add to company directory
- Set up call forwarding if needed
- Provide voicemail PIN
Day One Activities
Welcome Email
New employees receive an automated welcome email containing:
- Username and temporary password
- Instructions for first login
- Link to IT onboarding portal
- IT service desk contact information
- Scheduled IT orientation session time
- Security awareness training enrollment
IT Orientation Session
New employees attend a 30-minute IT orientation covering:
- System login and password change
- MFA setup and registration
- Email and calendar configuration
- VPN setup for remote work
- IT policies and acceptable use
- How to request IT support
- Overview of available tools and systems
First Week Tasks
New employees must complete these tasks within the first week:
- Change temporary password to secure permanent password
- Set up multi-factor authentication
- Complete security awareness training
- Review and acknowledge IT policies
- Configure mobile device for work email
- Test VPN access from home
- Join required Teams/Slack channels
Special Provisioning Scenarios
Contractors and Temporary Workers
- Limited access based on contract scope
- Account expiration date set to contract end date
- No access to sensitive internal systems
- Additional security restrictions applied
- Sponsor employee required for access requests
Interns
- Standard employee access with some restrictions
- Account expires at internship end date
- Manager approval required for sensitive data access
- Assigned to intern-specific distribution lists
Remote Employees
- Equipment shipped to home address
- Virtual IT orientation session
- Enhanced VPN and remote access setup
- Additional collaboration tool licenses
- Remote support phone number provided
Executives and VIPs
- Priority provisioning timeline (5 days)
- Premium equipment and accessories
- White-glove setup and support
- Direct IT contact assignment
- Enhanced security and privacy settings
Access Request Process
For access not included in role-based templates:
Standard Access Requests
- Manager submits access request through IT portal
- Specify application or system needed
- Provide business justification
- IT reviews and provisions access within 24 hours
- User receives notification when access is granted
Elevated Access Requests
Access to sensitive data or administrative systems requires:
- Manager approval
- IT Manager approval
- Security review (for high-risk access)
- Compliance training completion
- Annual access recertification
Group and Distribution List Management
New employees are added to relevant groups and distribution lists:
Automatic Group Assignments
- All Employees
- Department-specific groups
- Office location groups
- New hire orientation group (removed after 90 days)
Manager-Requested Additions
- Project teams
- Specialized interest groups
- Cross-functional committees
- Social and activity groups
Verification and Quality Assurance
Before the start date, IT performs comprehensive testing:
Account Verification
- Test login to all provisioned systems
- Verify email delivery and calendar functionality
- Confirm access to required applications
- Test VPN connectivity
- Validate permissions match role requirements
Equipment Testing
- Power on and verify OS functionality
- Test all installed applications
- Verify network and internet connectivity
- Check peripheral device functionality
- Confirm security settings are applied
Common Provisioning Issues
| Issue | Cause | Resolution |
|---|---|---|
| Account not created by start date | Late HR notification to IT | Emergency provisioning process; temporary access until complete |
| Equipment not available | Supply chain delays | Provide loaner equipment until permanent device arrives |
| Missing application access | Not included in role template | Manager submits access request; granted within 24 hours |
| Email not working | Synchronization delay | Wait 30 minutes; reset if issue persists |
| Cannot login to computer | Account not synced to device | Restart device; manually sync account |
Manager Responsibilities
Hiring managers play a key role in successful provisioning:
Pre-Start Checklist
- Ensure HR has submitted new hire request 10 days before start
- Review and approve role-based access template
- Submit any additional access requests
- Confirm equipment specifications are correct
- Identify team members for initial collaboration setup
Day One Support
- Welcome employee and introduce to team
- Confirm IT equipment is ready at workspace
- Ensure employee attends IT orientation
- Provide overview of tools and systems used by team
- Address any immediate access needs
Troubleshooting New Hire Issues
For issues during the first week:
Immediate Issues (Day 1)
- Contact IT service desk immediately
- Priority support provided for new hires
- Dedicated IT staff available during onboarding sessions
Ongoing Support
- IT provides enhanced support during first 30 days
- Weekly check-ins automated via email
- Feedback survey sent after 30 days
Provisioning Metrics and SLAs
IT maintains the following service level agreements for new user provisioning:
| Service | SLA Target |
|---|---|
| Account creation (standard) | 7 business days before start date |
| Account creation (rush) | 3 business days before start date |
| Equipment preparation | 5 business days before start date |
| Day 1 readiness | 100% of accounts functional |
| New hire support response | Within 1 hour during business hours |
Support and Contact Information
For new user provisioning questions or issues:
- IT Service Portal: servicedesk.company.com
- New Hire Support Line: ext. 4360
- Service Desk Email: servicedesk@company.com
- HR Coordination: hr-it@company.com
Last Updated: November 2025
Policy Owner: IT Operations Team