Laptop logs exposed the gap - but a deeper breach is what ended his claim
A 98-hour timesheet gap, caught by laptop logs, cost a Defence-project worker his job - and his unfair dismissal claim.
When Leidos Australia suspected one of its systems administrators was clocking off early, it didn't rely on a hunch. It pulled the data - and what it found ended a career.
The company cross-referenced Mark Sherwood's company-laptop access records against the hours he had logged in its time-entry system, Deltek. The gap was hard to miss: 98 hours and 15 minutes between the time he recorded and the time his laptop tracked, between February and August 2025.
Sherwood had worked as a systems administrator since January 2024 on a Defence project building a health knowledge management system. The work touched national security, and Leidos - a global defence, IT and biomedical company engaged by Australia's Department of Defence - ran it under tight security rules.
Asked to explain the discrepancy, Sherwood said he had done the work from home, writing code on his personal laptop because it ran the Linux software he needed. He insisted the code was generic, carried no Defence or client data, and that he never moved Defence documents onto the device. The company saw it differently: what it believed was a clear breach of security protocols on a national-security contract.
Leidos sent a detailed allegations letter on August 18, 2025, invited a written reply, and held a meeting the next day. It offered Sherwood a support person, which he declined. On August 26, 2025, it dismissed him for serious misconduct - breaching the Code of Conduct and the Australian Time Charging Procedure.
Sherwood took the case to the Fair Work Commission, arguing his dismissal was harsh, unjust or unreasonable. He said the company's reports were misleading because they only captured on-site work, that 24 hours was far too little time to answer seven months of allegations, and that he was never given a chance to address the personal-laptop security issue before being let go.
Commissioner Panopoulos accepted parts of that. The decision found 24 hours was not a reasonable window to respond to allegations covering seven months, and that the laptop security breach was not raised until the August 19 meeting. The process, in other words, had real gaps.
They were not enough. The Commission found Sherwood knew the rules, knew the work concerned national security, and knew the code belonged to Leidos. It described his attitude as an "unreasonable blasé approach to the matter of security," found the company had a "valid reason" to dismiss him, and concluded the procedural deficiencies were "not so significant that they outweigh the severity of the Applicant's misconduct."
The application was dismissed on June 3, 2026.
For HR teams, the decision lands on two points. The first is the power of objective evidence. Leidos did not build its case on a manager's suspicion; it used access logs measured against timesheets, and the Commission leaned on that data throughout. The second is more pointed. Procedural slip-ups do not automatically sink a dismissal. The Commission openly conceded the response window was too short and that one allegation arrived late - then upheld the termination anyway, because it found the misconduct serious enough to carry it.
That is not a license to cut corners. It is a reminder that strong evidence and genuinely serious conduct can hold up a dismissal even when the process is imperfect. And for anyone managing high-security or high-trust roles, it underlines that breaches tied to confidentiality and data security sit at the sharpest end of the misconduct scale.
