FINDING 01Critical
29% typical
Apex test coverage
Salesforce requires 75% for production deploy. The median mid-market org sits at 29%. Below threshold means every deploy is rolling the dice on a green test suite that does not exist.
Your Salesforce org graded. A through F.
29% Apex test coverage. 15 post-EOL Workflow Rules. 418 unused custom fields. Find every technical debt risk across six code domains in 10 minutes. Free, read-only, with a 24-hour fix plan.
Clientell · Technical Debt & Code
D
Acme Corp · Code Quality Score
567 Apex classes · 144 flows · 23 LWC · 6 grades
D
Apex
F
Triggers
C
Flows
B
LWC
F
Workflow
C
Metadata
Top Issues136 open · 47 critical
114 SOQL queries inside loops · governor limit riskApexCritical
215 post-EOL Workflow Rules still firingLegacyCritical
3418 unused custom fields safe to removeMetadataMedium
Trusted by leaders at
Code Quality Data · 202604 / 04 findings
What technical debt looks like in a typical 4-year-old org
Four findings drawn from 1,000+ technical debt audits on production Salesforce orgs.
FINDING 02Critical
15 typical
Post-EOL Workflow Rules still firing
Spring 2024 deprecation, still active because nobody migrated them. Each one is technical debt that competes with the modern Flow that should have superseded it.
FINDING 03Critical
418 typical
Unused custom fields
Created during a 2021 project, never populated, never reported on, still consuming page layout space and field limit budget. Each one is safe-to-remove with dependency check.
FINDING 04Critical
1,844 typical
Inactive flows in metadata
Draft flows nobody activated, paused flows nobody cleaned up, copies of copies. Each one shows up in dependency analysis and slows down the metadata graph.
Tech Debt Scorecard06 / 06 domains
A through F grades across every code domain in your org.
Click a domain to inspect specific issues, severity, and root cause. Sample data from a 4-year-old mid-market org.
Clientell · Technical Debt & Code
D
Overall code quality
43/100
136
Open issues
29%
Apex coverage
+24
After cleanup
Per-domain grades (click to inspect)
Issues found
Apex Classes · score 38/100 · 47 issues
SOQL in loop
Governor risk
DML in loop
Governor risk
Hardcoded record IDs
Sandbox fragility
Classes without sharing
Security bypass
Test coverage below 75%
Deploy risk
Fix pathIssues bundled by root cause. Sandbox-tested fix per group.1-click fix
Live · Salesforce Well-Architected mapped
Every issue grouped by root cause. Sandbox-tested fix per group.
Get my auditGrade scaleA: 90+ · F: < 40
Salesforce targetApex coverage >= 75%
Healthy baselineB grade overall
Sample org4-year-old mid-market
Aligned to Salesforce Well-Architected frameworkCoverage Areas06 / 06 areas
What the technical debt audit actually covers
Six dimensions mapped to Salesforce Well-Architected. Every issue routes to a fix.
01
A-F grades per domain
Apex Classes, Apex Triggers, Flows, LWC Components, Workflow Rules, Metadata. Each domain graded A through F based on Salesforce Well-Architected standards. The grade your architect needs to defend the next refactor budget.
02
Apex governor risk patterns
SOQL in loops, DML in loops, hardcoded record IDs, classes without sharing. The four patterns that cause silent production failures. We grep your Apex source and flag each instance with its line number and remediation.
03
Test coverage analysis
Coverage per class, coverage gaps below the 75% deploy threshold, classes with stale or skipped tests. Coverage above 75% is the gate for production deploys. Most orgs we audit sit at 29%.
04
Post-EOL automation detector
Workflow Rules and Process Builder processes deprecated by Salesforce in Spring 2024. Each one still consumes CPU and competes with Flow logic. Median org has 15 still firing.
05
Dead metadata sweep
Unused custom fields (median: 418), inactive flows still in metadata (median: 1,844), profiles never assigned, layouts referenced by zero records. Safe-to-remove status with dependency check per asset.
06
Multi-trigger framework migration
Multiple Apex triggers on the same object is the deepest source of race conditions. We surface every multi-trigger object and propose the one-trigger framework with handler classes. Generated code samples included.
How to read the grade
| Grade | Score | What it means | Action |
|---|---|---|---|
| A | 90-100 | Well-architected. 80%+ Apex coverage. Zero governor risks. One-trigger framework. No EOL debt. | Maintain. Annual audit. |
| B | 75-89 | Healthy baseline. 75% coverage threshold met. Minor cleanup opportunities. | Quarterly cleanup sprint. |
| C | 60-74 | At risk. Coverage slipping. Some governor risks. EOL automations still active. | Cleanup sprint within 30 days. |
| D | 40-59 | Significant debt. Deploys are risky. Below Salesforce 75% coverage gate. | Pause non-critical work. Cleanup priority 1. |
| F | Below 40 | Production risk. Test suite cannot validate deploys. Race conditions everywhere. | Full audit + architect review immediately. |
Warning Signs05 / 05
Run the audit before the next deploy fails.
Technical debt compounds silently until something breaks at the worst possible time.
Your last 3 deploys had failed Apex tests
If your test suite is flakey or your coverage is below 75%, every deploy is rolling dice. Our audit shows per-class coverage and identifies which classes need new tests to clear the deploy gate.
Apex CPU limit warnings in logs
Code that runs fine on 10 records but trips governor limits on 200. SOQL in loops, DML in loops, nested triggers. Our audit grep finds every governor risk pattern with line numbers.
Your architect just left
Knowledge walked out the door. Every quirky pattern in the codebase is now undocumented technical debt. Our audit produces the architect brief that nobody had time to write.
Field limit on a custom object is approaching cap
Salesforce custom objects cap at 800 fields. If you are above 600, half are likely dead. Our audit lists every unused field with usage stats and safe-to-remove status.
You inherited code from a consulting partner
Hardcoded IDs from their sandbox. Apex classes named after their internal tooling. No comments. We map the inheritance and propose the cleanup sequence.
Deliverables05 / 05
What ships with the audit
Five deliverables. Architect-grade reports plus admin-actionable cleanup queues.
01
Per-domain grade report (A through F)
Six domains, six grades, one weighted overall score. Mapped to Salesforce Well-Architected categories. Exportable PDF + XLSX for architect review and budget defense.
02
Governor risk inventory
Every SOQL-in-loop, DML-in-loop, hardcoded ID, without-sharing class. Each with line number, severity, and proposed rewrite. CSV exportable for ticketing.
03
Test coverage roadmap
Per-class coverage rate, classes below 75% threshold, suggested test class scaffolds for the gaps. Get to deploy-ready coverage faster.
04
EOL migration queue
Every post-deprecation Workflow Rule and Process Builder process with its modern Flow successor. Sandbox-tested migration scripts per asset.
05
Dead metadata cleanup plan
Unused custom fields, inactive flows, orphan profiles, dead layouts. Each tagged with safe-to-remove status and dependency context. Bulk-remove with one click.
FAQ10 / 10
You have
questions,
we have
answers.
Everything architects and CIOs ask before a technical debt audit.
01What is a Salesforce technical debt audit?
What is a Salesforce technical debt audit?
A diagnostic that grades the code and metadata in your Salesforce org from A through F across six domains: Apex Classes, Apex Triggers, Flows, LWC Components, Workflow Rules, and Metadata. Each domain is scored against Salesforce Well-Architected standards, with specific issues flagged (governor risks, hardcoded IDs, test coverage gaps, EOL automations, unused metadata). Clientell runs the audit in 10 minutes via read-only OAuth and returns the full report in 24 hours.
02What is a good Apex test coverage percentage?
What is a good Apex test coverage percentage?
Salesforce requires 75% per class to deploy to production. 80%+ is healthy. The median mid-market org we scan sits at 29%, which means every deploy is risky. Above 75%, deploys are predictable. Above 90%, your architect can actually sleep.
03What technical debt patterns does the audit detect?
What technical debt patterns does the audit detect?
Governor risks (SOQL in loops, DML in loops, queries without limits), security bypasses (classes without sharing, hardcoded IDs), maintainability issues (multiple triggers per object, deep subflow nesting, undocumented code), coverage gaps (classes below 75%), and dead metadata (unused fields, inactive flows, orphan profiles).
04Are Workflow Rules technical debt?
Are Workflow Rules technical debt?
Yes. Salesforce deprecated Workflow Rules in Spring 2024 with phased removal through 2025. Existing ones still run but compete with the Flows that should have superseded them. Each active Workflow Rule is technical debt with a defined retirement path. Our audit catalogs every one with the Flow migration script.
05How does the audit grade my code?
How does the audit grade my code?
Each domain is scored 0-100 based on issue severity weighted by impact. Apex Classes scoring uses test coverage (30%), governor risk count (30%), sharing model compliance (20%), and code smell density (20%). Aggregate score maps to a letter grade: A 90+, B 75-89, C 60-74, D 40-59, F below 40.
06How is this different from Salesforce Optimizer?
How is this different from Salesforce Optimizer?
Optimizer is a free static PDF with generic Salesforce-side recommendations. It does not grade code, does not detect governor risks at the source level, does not produce a coverage roadmap, and does not propose EOL migration scripts. Our audit does all four, with one-click sandbox fixes per finding.
07Can the audit suggest specific Apex rewrites?
Can the audit suggest specific Apex rewrites?
Yes. Each governor risk and code smell ships with a proposed rewrite (using the Apex Bulk Patterns and Trigger Handler Framework as references). You review the diff in sandbox, optionally tweak, apply with one click. The agent does not blind-write production code without your approval.
08What is the Salesforce Well-Architected framework?
What is the Salesforce Well-Architected framework?
Salesforce Well-Architected is an official architecture standard published by Salesforce defining best practices across security, performance, reliability, scalability, and maintainability. Our audit grades and maps every finding to a Well-Architected category, giving you a vocabulary your architect, your auditor, and your CIO all already understand.
09Does the audit work for managed packages?
Does the audit work for managed packages?
The audit reads your custom code and configuration but does not modify or grade managed package code (which you cannot modify anyway). Installed packages appear in the inventory with their license and usage stats but are excluded from quality scoring.
10How long does technical debt cleanup take?
How long does technical debt cleanup take?
Depends on org size. A typical mid-market 4-year-old org takes 3-6 weeks of focused work to move from D grade to B grade, of which 70% can be agent-automated (auto-generated test classes, EOL migration scripts, dead metadata cleanup). The remaining 30% requires architect review and approval.
Further Reading
Related Salesforce technical debt resources
Audits, guides, and services for teams reducing tech debt and preparing for clean deploys.
Guide
Salesforce Technical Debt: Complete Guide 2026
Long-form: governor risks, test coverage strategies, EOL migration. Architect-grade reading. 24-min.
Read moreAuditFlow Audit
Sister audit on the automation side. 282 automations on Opportunity is the typical pattern.
Read moreAuditPermissions Audit
Permission hygiene and security review. Pairs with code audit for full org review.
Read moreServiceSalesforce Health Check
Broader audit pillar covering all six audit dimensions plus process intelligence.
Read moreAuditAgentforce Readiness Audit
Automation Overlap (which technical debt aggravates) is the #1 AI Readiness killer.
Read moreProductAI Salesforce Deployments
Once you cleanup the debt, ship the fixes safely with diff preview and rollback.
Read moreProductAI Salesforce Admin
The agent that auto-generates the test classes and refactors the audit surfaces.
Read moreServiceSalesforce Managed Services
Continuous tech debt monitoring instead of point-in-time audits.
Read moreCompareCopado Alternatives
When you outgrow Copado, the modern AI-native alternatives for deploys + code review.
Read moreCustomer Reviews
What teams found with the Technical Debt Audit
“Apex coverage went from 41% to 78% in six weeks using the audit remediation queue. The deployment blocker ranking told us exactly which classes to touch first for the biggest coverage delta.”
“The technical debt scorecard finally gave me the artifact I needed to get budget approval. Executives understand a debt score in a way they never understood "we have legacy code."”
Trust + security posture
Built for the orgs auditors trust.
Related Audits
Run alongside these adjacent diagnostics
- Audit
Automation overlap detector
Most technical debt traces back to automation sprawl. Map the overlap first.
- Audit
Modern deploy with rollback
Modern deployment workflow that catches debt before it lands in production.
- Audit
Permission risk matrix
Permission sprawl is debt in another shape. Audit both dimensions.
- Audit
AI deployment prep
Deployment debt blocks AI rollout. Score readiness before buying Agentforce.
References
References & Authority Sources
Every claim on this page is anchored to a primary source. The references below cite official standards bodies, Salesforce documentation, and peer-reviewed industry research.
- [1]Salesforce Well-Architected Framework — Salesforce Architect
Supports: Reference architecture and debt reduction principles
- [2]Apex Code Coverage Requirements — Salesforce Developer Documentation — Salesforce Developers
Supports: 75% Apex coverage deployment requirement
- [3]Apex Best Practices — Salesforce Developer Guide — Salesforce Developers
Supports: Governor limits and bulkification standards
- [4]Technical Debt — Martin Fowler — martinfowler.com
Supports: Industry-standard technical debt definition
Getting Started
Get your free
Salesforce tech debt audit.
A-F grades. Governor risk inventory. Test coverage roadmap. EOL migration queue. Sandbox-tested fixes. Free, read-only, 10-minute scan.
Unlimited messages · No credit card required
SOC 2
HIPAA
GDPR
Salesforce Partner