Symantec Encryption Management Server has the ability to manage individual keys and the top-level key is the Organization Key.
It is possible to delete this key, and during the next policy synchronization interval, the key will reappear, but will not be signed.
Signing happens only during enrollment. Re-enrolling the user will resign, but it's just as easy to right-click the key and sign.
A product improvement request has been submitted to prevent the deletion of the org key or if it is, resync in a validated state automatically.
Check back in future releases of the software or this article for updates to this request. If you would like to follow up with us directly, please log a support case and and provide this KB ID we will be happy to assist.