With GPG there are many more options: have internal keyserver, have "certification authority" key that signs new employee keys and everyone else trusts this authority (via trust signatures. For details see: https://www.linuxfoundation.org/blog/pgp-web-of-trust-delega...
Too many options, honestly. I'd love to see a widely agreed "basic profile" for GPG, so that everyone writing tutorials etc. would be suggesting the same thing.