On company-owned devices, IT admins have the ability to disable factory reset protection (FRP) or enable enterprise factory reset protection (EFRP).
Enterprise factory reset protection allows you to specify which Google Accounts can activate a device that has been factory reset and locked by factory reset protection. This way, you can ensure that only authorized users can access and use devices that have been reset.
Factory reset protection isn’t normally triggered by a reset through the Settings app. However, if the IT admin of a company-owned device sets a policy that locks the device to specific accounts, the policy will be enforced even if the reset is performed through the Settings app.
Note: Disabling FRP or enabling EFRP must be done prior to the device being factory reset.