Joiner-mover-leaver automation with HRIS sync, access provisioning, and secure offboarding.
The challenge
New starters wait days for access. Role changes leave old permissions in place. Leavers retain access weeks after departure. HR and IT hand off via email and spreadsheets with no audit trail.
How Fig helps
HRIS-triggered workflows automatically provision access, assign training, allocate equipment, and send policy sign-off requirements. New starters are compliant from day one.
Role changes trigger access reviews, updated training requirements, and equipment reallocation. Old permissions revoked automatically. No accumulation of access over time.
Secure offboarding with access revocation, equipment recovery, knowledge transfer, and compliance evidence. Every step documented for audit.
Syncs with Workday, SuccessFactors, BambooHR, and ADP. A new starter in your HRIS automatically triggers the full onboarding workflow in Fig. No manual handoffs.
Fig enforces structured onboarding with training gates, tracks offboarding SLAs including access revocation and asset return deadlines, and detects SLA breaches automatically. HRIS sync failures trigger security alerts with retry tracking.
Audit-ready workflow
People Lifecycle should not be treated as a standalone tool surface. In Fig it is part of a governed workflow: a signal is captured, an owner is assigned, a control or risk is updated, and evidence is retained so the organisation can prove what happened later.
Lifecycle
The Protect phase is where this capability sits in the wider Fig operating model. New starters wait days for access. Role changes leave old permissions in place. Leavers retain access weeks after departure. HR and IT hand off via email and spreadsheets with no audit trail. Fig turns that problem into a repeatable lifecycle so MSPs, risk teams, and auditors are not relying on static spreadsheets or ad hoc screenshots when a buyer asks for proof.
Evidence captured
For people lifecycle, useful evidence normally includes the triggering record, the affected asset or supplier, the control requirement, the assigned owner, the decision made, the timestamp, and the outcome. That evidence is mapped back to frameworks such as Cyber Essentials, ISO 27001, NIS2, DORA, GDPR, CMMC, and internal policy requirements where relevant.
Implementation checks
Useful references
The exact evidence required still depends on your scope, risk profile, sector, and framework obligations.
Built for you
Standardised JML processes across all client organisations. Portfolio-wide onboarding compliance tracking and offboarding verification.
Learn moreAutomated HR-to-IT handoffs that satisfy ISO 27001 A.7 (Human Resource Security) and A.9 (Access Control) requirements without spreadsheet processes.
Learn moreComplete evidence of access provisioning, role-based training assignment, policy attestation, and secure offboarding for every employee lifecycle event.
Learn moreProtect
Common questions
Workday, SuccessFactors, BambooHR, and ADP. New HRIS integrations are added based on demand. The integration is bidirectional where supported.
Fig tracks every step of the onboarding workflow. If access provisioning is not completed within the SLA, it escalates automatically. Nothing falls through the cracks.
ISO 27001 Annex A.7 requires structured processes for joiners, movers, and leavers. Fig automates these with documented evidence at every stage, eliminating the manual processes that auditors flag.
Yes. Contractors follow the same lifecycle workflows with configurable access expiry dates, contract-linked permissions, and automatic offboarding when the engagement ends.
Fig triggers access revocation workflows immediately on leaver notification. The specific timing depends on your policy - some organisations revoke immediately, others allow a transition period. Both are configurable and documented.
Next step
Book a walkthrough tailored to your frameworks and tooling.
We only load non-essential analytics and advertising tags after explicit consent. You can review our cookie register in the cookie policy section and update your choice at any time via “Cookie settings” in the footer.