Planning consists of 13% of total score in Salesforce Platform Lifecycle and Deployment Architect Exam. The topic covers ALM planning, governance framework & COE, Change Management, and Salesforce Seasonal Releases.
NOTE
Most of the content in this work was generated with the assistance of AI and carefully reviewed, edited, and curated by the author. If you have found any issues with the content on this page, please do not hesitate to contact me at support@issacc.com.
π ALM Planning β People β’ Tech β’ Process
π― Objectives
- Describe ALM processes & tools
- Identify key roles
- Map processes/tools/roles to scenarios
π§ ALM Development Models (Overview)
| Model | Core Tools | When to Use | Notes |
|---|---|---|---|
| π¦ Change Set Development | Change Sets, Sandboxes | Small/low-maturity orgs | Manual moves, limited delete/rename, track extras manually |
| π Org Development Model | Git, Salesforce DX, CLI, VS Code, Jira/Agile Accelerator | Source-driven teams & enterprises | Branch/PR, package.xml artifact, CI-friendly |
| π Package Development Model | Unlocked Packages, Scratch Orgs, Git, CI/CD | Modular, multi-app, high maturity | Versioned packages, isolated dev/test, easy upgrades |
Quick pick β Simple: Change Sets β’ Team scale: Org Dev β’ Modular/upgradeable: Package Dev
π§βπ€βπ§ Roles (People)
- Architect (solution design, standards) β’ Developers (code/config) β’ Admins (env & declarative) β’ Designer (UX/UI) β’ BA (requirements) β’ QA (test/quality) β’ PM (timeline/budget) β’ Release Manager (orchestrates releases) β’ Stakeholders (execs, managers, end users)
Stakeholder groups β Executive leadership β’ Managers & super users β’ Dept leaders (Sales/Service/Marketing) β’ Core end users
βοΈ Processes (By Model)
π¦ Change Set Development
- Dev/Test in Dev sandboxes β integrate in Dev Pro β UAT in Full β Prod deploy
- Use Outbound + Inbound change sets, Deployment Connection, Validation/Quick Deploy
- Manual steps for unsupported metadata; deletions/renames handled manually; use Metadata Coverage + custom change logs
π Org Development Model
- Git = source of truth; DX project (sfdx-project.json), package.xml artifact
- Flow: Branch β Dev work (CLI retrieve/deploy) β PR/Review/Merge β Build artifact β Partial (UAT) β Full (staging) β Prod (validate + quick deploy)
- Tooling: CLI, VS Code Extensions, Jira/Agile Accelerator, change/run lists
π Package Development Model
- Split into unlocked packages per module; all source in Git; Scratch Orgs per dev/test
- DX push/pull sync; CI runs tests on merges; install versions into sandboxes for UAT/staging β Prod
- Benefits: modularity, fewer merge conflicts, easier upgrades
π Environment Risks & Mitigations
| Risk Area | Common Issues | Mitigations |
|---|---|---|
| Customization | Unused features, complex deps, update conflicts | Governance rules, user-centered design, periodic reviews, refactor/remove dead code |
| Data Security & Privacy | Unauthorized access, non-compliance | AuthZ/AuthN hygiene, Event Monitoring, Shield Encryption, sandbox data masking |
| Governance | Inconsistent practices, weak docs/testing, data quality | Design standards, coding reviews, rigorous testing, data governance |
| Project Mgmt | Poor planning, vague requirements, scope creep | Clear plan/scope/resources, stakeholder engagement, Change Control Board (CCB) |
| Development | Tech debt, resource limits, integration failures | Regular refactor, impact-based prioritization, controlled integration testing |
| Testing | Low coverage, manual errors, shared org collisions | Comprehensive strategy, automation where apt, masked test data, separate sandboxes/scratch orgs |
One-sandbox anti-pattern β Causes collisions and flaky tests; prefer per-stream sandboxes or scratch orgs.
π Governance Framework & COE
What/Why
- Governance = minimal processes to deliver outcomes on time/quality; aligns business + IT; reduces risk; boosts velocity/compliance/innovation
- Maturity: Non-existent β Emerging β Practicing β Leading
Categories
- COE (cross-functional experts, standards) β’ Change Management (collectβprioritizeβapproveβroll out) β’ Org Strategy (org design) β’ Technical Governance (principles/standards)
COE Essentials
- People/Roles: Exec Sponsors β’ Program Owners β’ Steering Committees (Business/Architecture/Release/Change/Support) β’ SMEs/Power Users
- Charter: decision rights, cadence, deliverables; run Program/Exec/Focus meetings
- Design Standards: naming, descriptions with links/deps, Apex/trigger annotations, doc templates and audits
- Release/Deployment: predictable cadence, comms, pre-release sandboxes, stages (DevβQAβUATβStagingβProd)
- Backlog Prioritization: transparent tooling (Jira/Confluence/Slack), publish decisions/timelines
COE models β Consolidated β’ Federated β’ Confederated β’ (or Hybrid)
π Change Management (CM)
- Types: Org/process shifts β’ Feature additions β’ Salesforce seasonal changes
- Process: Initiate/Plan (vision, roadmap) β Operationalize (build/config/deploy, drive adoption) β Validate (audit data, metrics, behavior updates)
- Key Users: User community β’ Decision makers (e.g., Enterprise Architect) β’ CCB/Steering β’ Executive Sponsor
- Good CM: simple execution strategy, cross-functional alignment, impact sizing, comms/training, power-user follow-up
π Salesforce Seasonal Releases (Spring β’ Summer β’ Winter)
Readiness Essentials
- Preview sandboxes upgraded ~4β6 weeks pre-prod; manage refresh timing to stay preview
- Check Sandbox Preview Guide; maintain at least one preview sandbox
- Release Notes: identify Quick Wins (auto-enabled) vs Low-Effort items; engage super users; plan comms
- Pre-release orgs: early peek (no customizations)
- Testing: prioritize UX impacts and custom code; run unit/integration/functional/UAT/performance; prefer API tests over brittle UI; mind governor limits
Cycle β Mark calendar β Engage community β Preview in sandbox β Review notes β Train/communicate β Roll out
π§ͺ Testing Cheat Sheet
- Unit (smallest code units) β’ Integration (external touchpoints) β’ Functional (against requirements) β’ UAT (end-user acceptance) β’ Performance (scale/limits)
- Considerations: sandbox creation/refresh, API>UI tests, generate masked test data, donβt automate perf tests, retest both sides of integrations, rebuild Classic-only tests
π§ Scenarios β Recommended Approaches
π Cross-Region Bank (EMEA + APAC, complex integration/security)
- Use: π Org Dev Model with Git, DX, CLI, VS Code; Dev sandboxes per team; Dev Pro for integration; Partial UAT; Full staging/training
- Manage: Jira/Agile Accelerator for requirements & defects; regular cross-region sync
πͺπΊ Financial Suite (finance tool + HCM + analytics; upgradeable, modular)
- Use: π Package Dev Model with independent unlocked packages
- Operate: Branch per module; Scratch Orgs for isolated dev/test; QA per package; CI/CD for build/deploy; PM + Release Manager coordinate
π ISP: Customization + Security + Governance Gaps
- Findings: Unused features, unclear object/field purpose, unauthorized data access
- Mitigate: User-centered design; enforce design standards (descriptions/help text); Profiles/PermSets/FLS; Shield Encryption; clean up redundant customizations
𧳠IT Request App: Unknown Requirements, Scope Creep, Single Sandbox
- Approach: Agile to iterate requirements; CCB to control scope; Scratch Orgs for isolated testing (license constraints); avoid one-sandbox model
π Seasonal Release Alignment (Spring)
- Issue: Internal major release conflicts with seasonal upgrade; sandbox timing off
- Plan: Create unified release calendar; refresh Full ~6 weeks before go-live for preview testing; deploy after prod is upgraded; train/alignment for all teams
𧱠Metadata Deploy Mismatch (Dev Pro β Partial UAT)
- Root Cause: Version skew (preview vs non-preview)
- Fix: Align sandbox versions; review Release Notes for auto-enabled/manual features; refresh during preview window; run regression in upgraded sandbox
π― Key Takeaways
- Model fit: π¦ Change Set (simple) β’ π Org Dev (team scale) β’ π Package Dev (modular)
- Triad: People + Tools + Process must match maturity and complexity
- Governance/COE drives velocity, quality, compliance, and alignment
- CM + Testing + Release Readiness = fewer surprises, faster value
π Flow Charts
1) Pick the Right ALM Development Model
flowchart TD A([Start]) --> B{Org maturity & complexity high?} B -- Yes --> C{Modularity/independent releases needed?} C -- Yes --> PKG[π Package Dev<br/>Unlocked packages + Scratch Orgs + CI/CD] C -- No --> D{Source control + branching required?} D -- Yes --> ODM[π Org Dev Model<br/>Git + DX + package.xml] D -- No --> CSD[π¦ Change Set Dev<br/>Change Sets + Sandboxes] B -- No --> E{Small/simple changes?} E -- Yes --> CSD E -- No --> F{Team collaboration/PR reviews?} F -- Yes --> ODM F -- No --> CSD
2) Environment Risk β Mitigation Router
flowchart TD A([Risk Identified]) --> B{Category?} B -- Customization --> C[Adopt governance rules<br/>User-centered design<br/>Review & refactor] B -- Data Security --> D[Strong AuthN/AuthZ<br/>Event Monitoring<br/>Shield Encryption<br/>Sandbox data masking] B -- Governance --> E[Design standards<br/>Coding reviews<br/>Rigorous testing<br/>Data governance] B -- Project Mgmt --> F[Clear plan/scope/resources<br/>Stakeholder engagement<br/>CCB to control scope] B -- Development --> G[Refactor tech debt<br/>Impact-based prioritization<br/>Controlled integration tests] B -- Testing --> H[Comprehensive strategy<br/>Automate where apt<br/>Separate envs/scratch orgs]
3) Build a Governance Framework & COE
flowchart TD A([Start]) --> M{Assess maturity} M -- Non/Emerging --> B[Define minimal processes] M -- Practicing/Leading --> B B --> C[Form COE<br/>Cross-functional roles + charter] C --> D[Set design standards<br/>Naming, descriptions, code annotations] D --> E[Backlog governance<br/>Transparent tooling + cadence] E --> F[Release & deployment strategy<br/>DevβQAβUATβStagingβProd] F --> G[Change Management process<br/>CollectβPrioritizeβApproveβRoll out] G --> H[Measure outcomes<br/>Adoption, quality, budget, AARs] H --> I{Improve?} I -- Yes --> B I -- No --> J([Operate & Monitor])
4) Seasonal Release Readiness (Spring β’ Summer β’ Winter)
flowchart TD A([Upcoming Salesforce Release]) --> B[Mark calendar & read Release Notes] B --> C{Have preview sandbox?} C -- Yes --> D[Plan tests in preview sandbox] C -- No --> E{Within preview window?} E -- Yes --> F[Refresh/retain at least one sandbox on preview] E -- No --> G[Use pre-release org for early look] D --> H[Prioritize Quick Wins & low-effort items] H --> I[Run unit/integration/functional/UAT/perf tests] I --> J[Communicate & train users] J --> K{Prod upgraded?} K -- Yes --> L[Deploy internal release aligned to seasonal] K -- No --> M[Stage changes; wait for prod upgrade]
π Flashcards
What are the 3 Salesforce ALM development models?
- π¦ Change Set Development
- π Org Development Model
- π Package Development Model
When should you use the Change Set Development model?
- Small/low-maturity orgs
- Simple changes
- Minimal team collaboration
- Limitations: no delete/rename, manual steps for some metadata
When should you use the Org Development Model?
- Source-driven approach
- Teams need Git + branching/PR reviews
- Use Salesforce DX, CLI, VS Code
- CI/CD-friendly for enterprise
When should you use the Package Development Model?
- High-maturity orgs
- Modular, independent apps/features
- Unlocked packages + Scratch Orgs
- Easier upgrades, CI/CD automation
π ALM Roles & Stakeholders
Who are the key roles in ALM?
- Architect β’ Developers β’ Admins β’ Designer
- Business Analyst β’ QA Testers β’ PM β’ Release Manager
- Stakeholders (execs, managers, end users)
What are the main stakeholder groups?
- Executive Leadership (sponsors, steering committee)
- Managers & Super Users (champion adoption)
- Department Leaders (sales/service/marketing sponsors)
- Core End Users (feedback & training input)
β οΈ Environment Risks & Mitigation
How do you mitigate Customization Risks?
- Governance framework + rules
- User-centered design
- Review/refactor unused customizations
How do you mitigate Data Security & Privacy Risks?
- Strong AuthN/AuthZ
- Event Monitoring
- Salesforce Shield Encryption
- Sandbox data masking
How do you mitigate Governance Risks?
- Establish design standards
- Consistent coding/testing practices
- Maintain comprehensive documentation
- Data governance framework
How do you mitigate Project Mgmt Risks?
- Clear plan: scope, timeline, resources
- Thorough requirement gathering
- Stakeholder engagement
- Change Control Board for scope creep
How do you mitigate Development Risks?
- Refactor technical debt
- Prioritize tasks by impact/urgency
- Test integrations in controlled envs
How do you mitigate Testing Risks?
- Comprehensive strategy + automation
- Use realistic masked test data
- Separate sandboxes/scratch orgs
π Governance & COE
What are the 4 categories of a governance framework?
- Center of Excellence (COE)
- Change Management
- Org Strategy
- Technical Governance
What are the stages of governance maturity?
- Non-Existent/Basic β Emerging β Practicing β Leading
What are the benefits of good governance?
- Drives innovation & agility
- Ensures compliance & security
- Improves velocity & delivery quality
- Reduces risk
What are the pitfalls of poor governance?
- Misalignment business vs IT
- Low adoption
- Higher costs, reduced value
- Increased risks, slower delivery
What does a COE (Center of Excellence) do?
- Sets best practices & governance
- Provides standards across org
- Aligns projects to business goals
- Balances resources vs priorities
What are the 3 COE models?
- Consolidated (single, unified CRM)
- Federated (independent groups, unified data)
- Confederated (independent, even separate Salesforce orgs)
Whatβs included in a strong COE charter?
- Clear roles & decision rights
- Meeting cadence (Program Mgmt, Exec, Focus Areas)
- Deliverables (standards, comms, policies)
- Inclusivity (Execs, SMEs, Admins, End users)
π Change Management
What are the steps of the Change Management process?
- Initiate/Plan: vision, roadmap, align capabilities
- Operationalize: build/configure, manage org change, adoption
- Validate: audit, measure, adjust behavior
Who are the key users in Change Management?
- User community (feedback)
- Decision makers / Enterprise Architect
- Change Control Board (reviews & approves)
- Executive Sponsor (prioritizes, aligns to goals)
What ensures effective Change Management?
- Simple execution strategy
- Stakeholder input & comms
- Clear scope/effort/impact alignment
- End-user involvement & training
- Repeatable process
π± Salesforce Seasonal Releases
How often does Salesforce release updates?
- 3 times/year (Spring β’ Summer β’ Winter)
How do you prepare for seasonal releases?
- Align release calendar
- Keep at least 1 preview sandbox
- Use pre-release org for early features
- Review Release Notes (Quick Wins & Low-Effort features)
- Train & communicate to end users
What are the main types of testing for new features?
- Unit (smallest code units)
- Integration (with external systems)
- Functional (requirements validation)
- UAT (user acceptance)
- Performance (large data/ops)
What are key testing considerations before a release?
- Sandbox refresh/management
- Prefer API tests over brittle UI tests
- Use masked test data
- Ensure governor limits not hit
- Check Lightning vs Classic test compatibility
π§ Scenario-based Quick Picks
Which model for a multinational bank project (high complexity, security, cross-region)?
- π Org Dev Model (Git + DX + CLI + Jira, multi-sandbox pipeline, cross-region sync)
Which model for multi-app suite (finance, HCM, analytics) needing modularity & upgrades?
- π Package Dev Model (unlocked packages, Scratch Orgs, per-module Git branches, CI/CD automation)
How to mitigate ISP project risks (over-customization, unclear design, data leaks)?
- Governance standards, user-centered design, descriptions/help text, Profiles/PermSets/FLS, Shield Encryption
Which approach for IT request app (unknown requirements, scope creep, limited sandboxes)?
- Agile + Change Control Board + Scratch Orgs for isolated testing
How to align internal & Salesforce seasonal release cycles?
- Unified release calendar β’ Full sandbox refresh ~6 weeks pre-release β’ Preview testing β’ Deploy after prod upgrade
Why would metadata fail to deploy between sandboxes?
- Version mismatch (preview vs non-preview) β’ Fix by aligning versions, reviewing Release Notes, running regression in upgraded sandbox