Skip to main content
The Salesforce Checklists Collection04 published

Checklists

Pre-flight checks, anti-pattern audits, deployment runbooks, and post-incident reviews. Each checklist is short enough to run in a single sitting and specific enough that finding even one match pays back the read.

Get new checklists in your inbox

Free. No spam. Unsubscribe anytime.

Browse by type

CheatsheetsGuidesPlaybooksTemplatesChecklists

The Collection

All Salesforce checklists

Every checklist is a 15-minute walk-through. Read on page or download the PDF. Free, no gate.

AI ReadinessJun 8, 2026

50 Things to Check Before Using Any AI for Your Salesforce Work

Vendor-neutral 50-point checklist for evaluating any AI agent, copilot, or Agentforce vendor before it touches production Salesforce. Free PDF.

  • 50 vendor-neutral checks across 11 dimensions: readiness, permissions, deployment, blast radius, human control, accountability, security, compliance, vendor trust, ROI, capability
  • Industry avg score: 38/100. Median Opportunity object carries 270+ automations. One bad delete = 15-30 hrs of remediation at ~$200/hr
  • Scoring bands: 40-50 trust in prod · 30-39 guardrails on · under 30 clean foundation first
  • Built by Neil Sarkar (Co-Founder, Clientell) from 1,000+ org reviews. Works on Agentforce, Copilot, Einstein, or any other vendor
Built forAdminsArchitectsRevopsLeaders
Run this checklistPDF
AI ReadinessMay 20, 2026

Agentforce Readiness 47-Point Checklist (2026)

The 47-point checklist top Salesforce teams run before pulling the trigger on Agentforce. Data Quality, Process Clarity, Permission Hygiene, Automation Overlap. Skim in 15 minutes.

  • 47 readiness checks across 4 AI-killer dimensions (Data Quality, Process Clarity, Permission Hygiene, Automation Overlap)
  • Industry benchmarks: avg 38 · top-25% 71 · top-10% 84
  • Score above 70 = clean Agentforce launch. Below 50 = pause 30-60 days
  • 70% of orgs we scan fail this checklist on first pass
Built forAdminsArchitectsRevopsLeaders
Run this checklist
Salesforce SecurityMay 20, 2026

Salesforce Permissions Audit Checklist (38 Points)

The 38-point checklist for running a Salesforce permissions audit yourself. Profile sprawl, integration users, permission set hygiene, role hierarchy. Skim in 20 minutes.

  • 38 checks across profile hygiene, integration users, permission sets, role hierarchy, sharing rules, sensitive field protection
  • Mapped to SOC 2 CC6.x and ISO 27001 A.9.x for compliance prep
  • Built from 1,000+ Salesforce permission audits
  • Vendor-neutral. Works with Clientell, Strongpoint, Field Trip, or DIY
Built forAdminsArchitectsLeaders
Run this checklist
Salesforce FlowsMay 7, 2026

15 Salesforce Flows Quietly Tanking Your Org

A 15-minute audit checklist of the 15 most common Flow anti-patterns we find in production Salesforce orgs. Signal, why it tanks, and the rebuild for each. Vendor-neutral, built from 150+ org reviews.

  • 15 Flow anti-patterns mapped to real governor limits (150 DML, 100 SOQL, 50K rows, 16 trigger depth)
  • Signal -> Why it tanks -> Rebuild for every item, scannable in 15 minutes
  • Built from 150+ org reviews across mid-market and enterprise
  • Vendor-neutral; works whether you're on Clientell, Copado, Gearset, or zero tooling
Built forAdminsDevelopersArchitects
Run this checklistPDF

More checklists ship every quarter

Permission sprawl audit, data-quality scorecard, and a pre-deploy review checklist are in the roadmap below.

See roadmap

Quick answer

What's the difference between a checklist and a cheatsheet?

A cheatsheet is a reference (look up a number). A checklist is an audit (walk top to bottom, mark each item). Use a checklist when you want a structured exercise that produces a list of findings; use a cheatsheet when you just need to recall a specific limit or pattern.

Format
Walk-through audit, top to bottom
Time
10 to 30 minutes per checklist
Output
A list of findings to fix

About these checklists

Why these checklists exist

Most Salesforce problems aren't architectural. They're 15 small things that all individually look fine and collectively kill the org. The Flow that worked yesterday hits a governor limit today because data volume tripled. The permission set that looked harmless in May exposes a PII field in August because someone added a new field. The schedule-triggered Flow with no filter scans the whole record base every hour because nobody set the modified-date condition.

These small things are detectable. They're not detectable by reading the docs. They're detectable by walking through a checklist with your laptop open. So we built the checklists. Each one was designed by an engineer who debugged the failure mode in production at least three times.

67% of admins say technical debt is their #1 daily challenge. Most of that debt is a few hundred small anti-patterns piled up. A checklist surfaces them in an hour; finding them through bug reports takes years.
Source: Mason Frank Salesforce Salary Survey + Clientell audit data, 2026

If you read a checklist and find zero items in your org, we shipped a bad checklist (or you have a remarkable org). The bar is that any production Salesforce org over 50 users will have at least 3 hits per checklist. If yours doesn't, write it up; we'll feature the case study.

What makes a good Salesforce checklist

We have rules for what makes the cut. If a checklist doesn't pass all four, it doesn't ship.

  1. #01

    Each item is a distinct pattern.

    No 'review your security settings' generalities. Every item is one specific anti-pattern (e.g., 'DML inside loops') with a Signal you can grep for, a reason it tanks, and a Rebuild that fixes it.

  2. #02

    Walks top to bottom in one sitting.

    Total run time is bounded (10 to 30 minutes). If a checklist needs three afternoons, it's actually a guide pretending to be a checklist.

  3. #03

    Produces a findings list.

    Output of running a checklist is a list of items marked Found vs. N/A. The findings list is what gets prioritized into remediation work, not the checklist itself.

  4. #04

    Built from production debugging.

    Every item came out of an actual production failure we debugged. We don't ship checklists that anticipate hypothetical issues; the bar is 'we've seen this break a real org at least three times.'

How to actually run a checklist

Checklists fail when readers treat them as inspiration. They work when readers treat them as a structured exercise with a deliverable.

Three patterns that compound

  1. #01

    Open Salesforce Setup in one tab, the checklist in another.

    Don't read the checklist first and 'plan to run it later.' Open Setup, open the checklist, and walk top to bottom in the same sitting. Each item should take under 2 minutes to evaluate.

  2. #02

    Mark each item Pass / Found / N/A as you go.

    Print the checklist or copy it into a doc. Marking is the forcing function that turns a read into an audit. Items left unmarked don't count.

  3. #03

    Triage findings by blast radius before fixing anything.

    Don't try to fix all findings at once. Sort the Found column by blast radius (DML in loops on a high-volume object > hardcoded ID in a low-traffic Decision). Fix the top 3 first; queue the rest.

What not to do

  • Don't speed-read the checklist and skip the audit. The whole point is the structured walk-through; reading without auditing is the same as not reading.
  • Don't fix items as you find them. Audits are for finding; sprints are for fixing. Mixing the two means you'll spend an hour on the first item and never finish the audit.
  • Don't run a checklist quarterly when it should be monthly (or vice versa). Each checklist tells you the cadence; honor it.

What's coming next

Each new checklist comes from the third or fourth time we run the same audit by hand. The next batch covers the audits we run most often.

  • Q3 2026

    Salesforce Permission Audit Checklist

    20-item audit of profile + permission set sprawl, with the 5 most common over-privileged patterns.

  • Q3 2026

    Salesforce Data Quality Checklist

    12-item audit covering duplicate rate, fill rate, validation rule coverage, and silent ETL failures.

  • Q4 2026

    Pre-Deploy Sandbox Checklist

    The 18-item walk-through every change should pass before promoting from sandbox to production.

  • Q4 2026

    Quarterly Org Health Checklist

    30-minute audit covering license utilization, storage, integration health, and the top 10 Flow anti-patterns.

If a checklist you'd value isn't here, send it via the contact form. The third or fourth request for the same audit moves it to the front of the queue.

Related06 / 06 resources

More from the library

Six adjacent surfaces inside the Clientell library. Each one shows the same Salesforce topic from a different angle. Pick the format that matches the work you're about to do.

Frequently asked

Questions, answered

How is a checklist different from a cheatsheet?

A cheatsheet is a reference (look up a number, recall a pattern). A checklist is a structured audit (walk top to bottom, mark each item, produce a findings list). The same content can be either format depending on the use; we publish the format that matches how the artifact is actually used in practice.

Are checklists gated?

On-page reading is free. PDF download requires a work email. The PDF and the on-page version are byte-identical content; the PDF exists for offline / printable use during an audit.

How often should I run each checklist?

Each checklist tells you. Quick audits (Flow anti-patterns, permission spot-checks) run monthly. Deeper audits (org health, quarterly business review) run quarterly. Pre-deploy checklists run on every deploy.

What if I find way more issues than I can fix?

That's normal on the first run. Triage by blast radius: high-volume object + governor-limit risk goes to the top of the queue; low-traffic Decision goes to the bottom. Don't try to clear a 50-item findings list in one sprint.

Are checklists specific to a Salesforce edition?

Most checklists target Enterprise Edition by default. Where the rules differ in Professional / Unlimited, the item calls it out inline. Industry-specific checklists (HIPAA, financial services) call out their scope at the top.

Can I share a checklist with my team?

Yes. Share the on-page URL for live reference. Print or download the PDF for the audit itself; people mark it up better on paper.

Can I contribute a checklist?

Yes. Send the artifact (the actual list of items, with Signal / Why it tanks / Rebuild for each) plus a 1-paragraph context note about which audit it serves. Quality bar: 10 to 30 distinct items, each runnable in under 2 minutes, all sourced from real production debugging.

Do you build custom checklists for our org?

Yes, as part of a paid engagement. Book a scoping call via the demo link. We'll usually start with our published checklists, run them against your org, and customize the gaps. Custom checklists become reusable artifacts your team can run quarterly.

Getting Started

Run the checklist. Hand the fixes to AI.

Checklists surface the issues. Fixing them by hand is where time still gets burned. Hand the rebuild work to Clientell AI and clear a 50-finding audit in days, not quarters.

Start free trialTalk to Sales

Unlimited messages  ·  No credit card required

SOC 2
HIPAA
GDPR
Salesforce Partner