How to Do a DIY Audit of Your Salesforce Org

Is your Salesforce org worth bragging about?

Ebook download image 2What are the current password policies in your Salesforce org? Are you paying for user licenses for people who never or rarely use Salesforce? Where is your data coming in from and is it clean? How much storage is available and how can you maximize your space? What is the quality of your data? These are questions that as a Salesforce Administrator you need to ask yourself on a regular basis.

Administering a Salesforce org is a big task: general maintenance, integrations, training, coding, security. A good admin has to be a jack-of-all trades and know Salesforce inside and out. But what are the important fundamentals? We identified 16 key areas that a good Salesforce admin should not only be an expert in, but also regularly monitor. Doing a periodic audit and overall health check of the state of your Salesforce org will help you find out what you’re doing right and identify potential trouble spots.

Below are seven fundamental areas, but you can learn about all 16 in our in depth ebook: Insanely Useful DIY Tips to Keeping an Impressive Salesforce org. It’s a Salesforce Admin’s must-have guide complete with best practices, step-by-step how-tos, pro-tips, worksheets, and a free data health check. Think of it as your Salesforce cheat-sheet or reference guide.

Understanding Business Practices & Data

Data is a resource, just like the technological infrastructure and the humans who staff and run your business. As you manage your Salesforce org, it is critically important to understand the role data plays within various business units at your organization. It’s unlikely that each unit is accessing and utilizing the same data in the same way. Given that, as a data steward, it may be your responsibility to understand the business and operational procedures of each unit.

The best way to get a handle on how various units access and use the data stored in your Salesforce org is to spend some time going through the day-to-day activities of each unit. Seek to understand what they do and how they do it, and how your data resources support those efforts. With this knowledge in hand, you can best ensure that your Salesforce org is structured to align with business needs, particularly in terms of permissions, reporting, and integrations.

Ask yourself:

  • How do Sales, Marketing, Services, and Management work together?
  • What data is critical in each of these operational units?

Data Entry Points

You may have data coming into Salesforce from many different sources. Imports, web entries, manual entries, and/or marketing automation systems, to name just a few possibilities. Keep in mind the following:

  • Where is your data coming in from? This is important when it comes to keeping your data clean and up to date.
  • How do you intend to use the data and what purpose it serves to your organization?
  • What type of records do your sources create? Are they leads? Contacts? Accounts?
  • Knowing your internal business processes is key to ensuring that the data coming into Salesforce is being entered and utilized in a way that will best suit your individual and team goals.

Make sure that data coming into Salesforce is clean. This can mean properly formatting a file prior to import, or researching your data entry sources to ensure the accuracy of the data coming in. Data coming into Salesforce from any source could potentially be a duplicate of a record that you already have in Salesforce. Ask yourself if the newer data coming in is more valuable than what you already have on record. Or, perhaps you regularly keep your existing Salesforce data clean and know that to be the best source. Knowing the state and quality of your data will help you determine whether to update your existing records or to eliminate a new record when a duplicate record is detected.

Ask yourself:

  • Where is my data coming from?
  • Is the data clean before it comes in?

Users & Permissions

When evaluating how you can best secure your data from erroneous updates, or when needing to limit access to proprietary internal or client information in your Salesforce org, creating separate permission profiles is imperative.

When new users join your team, and as you assign profiles and roles, take into consideration:

  • The level of expertise each user has
  • What their level of clearance should be
  • Which objects they will be working on
  • What their overall role in Salesforce will be

You will also be determining which applications within Salesforce (or that work with Salesforce using an API) your users will be accessing. Each integrated application typically also has permission requirements that must be considered as well as potential admin requirements when installing and setting up.

Maintenance of your users is a necessary ongoing process. As new users come on, roles may change. New profiles may be needed and user permissions may need to be updated. As users leave your organization, remember to set their user IDs inactive and restrict login access to your org as a routine procedure. As you make users inactive within your org, all historical data that was tied to the user is retained. But, the user also remains tied to active records within Salesforce. Reassignment of records to new, active users is a good step to making sure that your client data is up to date.

Ask yourself:

  • How are users separated from a security standpoint?
  • Am I regularly maintaining my Active and Inactive Users?

Field Auditing

The fields on your various Salesforce objects are how you keep your data organized. They provide consistency across records and make indexing and searching the database possible.

But the number of custom fields you can create is limited, and fields can also get out of hand, so it’s a good idea to audit fields on a regular basis. In most circumstances, the rule of fewer is better applies when it comes to the fields on your records. If you can logically combine fields, or create broad fields that cover multiple scenarios, then it is a good idea to do so. For example, if you send out specialized newsletters and track subscriptions to those newsletters, instead of using a check box field for each individual newsletter, use a single multi-select picklist field that includes all of the newsletters.

It’s also important to be aware of the types of fields you use and the properties of those fields. Number fields can only include numbers, not characters. System Determined fields are read only and cannot be modified by a user. And so on. Be sure the fields you use and create can accommodate the data you will need to insert into those fields.

Ask yourself:

  • How many fields have been created and how many are being used for my Salesforce objects?
  • What types of fields have been created and how do they function?


Salesforce allows for very specific customizations within each org. Customizations can be created by using triggers, workflows, validation rules, and more.  Each new customization adds automation to a process, but can also add a layer of complexity when more than one trigger, workflow, or other process is configured to run at the same data entry or update point. If constructed improperly or poorly, they can be a drain on your CPU and querying resources.

Ask yourself:

  • How do Salesforce customizations interact with my org?
  • What customizations have been made in my org and how do they work?

Installed Apps & Integrations

Along with specific customizations within your org, you are likely to have managed applications also installed that run their own customized triggers and executions. Keep in mind that the more workflows, rules, and applications you have running in your org, the more prone you are to conflicts. It’s crucial to be aware of the applications that you have installed.

  • Test new packages before purchasing and installing if possible (a sandbox is a great tool for testing).
  • Make sure that the applications have the proper permissions assigned, and the appropriate users in charge.
  • Make sure that you know where and how to get support for any applications running in your org if problems or conflicts arise.

When integrating Salesforce with another application, be aware that some external systems do not sync (or do only partial syncs) with Salesforce. For example, if you use an external accounting system that does not sync with Salesforce, and you delete a record from Salesforce, the record may not be deleted from your external system. When possible, look for systems that fully integrate with your Salesforce data. But regardless, be aware of what your external system integrations can and cannot do so that you know what manual work and processes may be required to keeping the data accurate in both systems.

Ask yourself:

  • What Apps and Packages are installed and running in my org?
  • How do Installed Apps and Integrations interact with my org?

Achieving High Data Quality

Duplicate data is the main source of poor data quality. When the quality of your data is low (incomplete, duplicated, old, outdated) then reporting suffers, sales and marketing suffer, and the efficiency of IT operations suffers. Consider the value of your data. Think about how much time and effort went into just collecting the data.

Decide on a deduplication program that has the flexibility to analyze duplicate matches from a variety of angles and based on a variety of data points. It should also give you enough control to merge duplicates according to your business rules. Ongoing deduplication must be quick and easy to accomplish, and it must be able to maintain clean data on a continual basis as data changes.

Ask yourself:

  • What is the quality of my data?
  • How many duplicate records are in my org?

Questions Infographic

Ebook download image










Leave a Reply

Your email address will not be published. Required fields are marked *