Platform Lifecycle and Deployment Architect Exam Prep - Planning

Planning consists of 13% of total score in Salesforce Platform Lifecycle and Deployment Architect Exam. The topic covers ALM planning, governance framework & COE, Change Management, and Salesforce Seasonal Releases.

NOTE

Most of the content in this work was generated with the assistance of AI and carefully reviewed, edited, and curated by the author. If you have found any issues with the content on this page, please do not hesitate to contact me at support@issacc.com.

🗂 ALM Planning — People • Tech • Process

🎯 Objectives

• Describe ALM processes & tools
• Identify key roles
• Map processes/tools/roles to scenarios

---

🔧 ALM Development Models (Overview)

Model	Core Tools	When to Use	Notes
📦 Change Set Development	Change Sets, Sandboxes	Small/low-maturity orgs	Manual moves, limited delete/rename, track extras manually
📂 Org Development Model	Git, Salesforce DX, CLI, VS Code, Jira/Agile Accelerator	Source-driven teams & enterprises	Branch/PR, package.xml artifact, CI-friendly
🔀 Package Development Model	Unlocked Packages, Scratch Orgs, Git, CI/CD	Modular, multi-app, high maturity	Versioned packages, isolated dev/test, easy upgrades

Quick pick →

Simple: Change Sets Team scale: Org Dev Modular/upgradeable: Package Dev

---

🧑‍🤝‍🧑 Roles (People)

• Architect (solution design, standards)
• Developers (code/config)
• Admins (env & declarative)
• Designer (UX/UI)
• Business Analyst (BA) (requirements)
• Quality Assurance (QA) (test/quality)
• Project Manager (PM) (timeline/budget)
• Release Manager (orchestrates releases)
• Stakeholders (execs, managers, end users)

Stakeholder groups →

• Executive leadership
• Managers & super users
• Dept leaders (Sales/Service/Marketing)
• Core end users

---

⚙️ Development Model

📦 Change Set Development Model

• Dev/Test in Dev sandboxes → integrate in Dev Pro → UAT in Full → Prod deploy
• Use Outbound + Inbound change sets, Deployment Connection, Validation/Quick Deploy
• Manual steps for unsupported metadata; deletions/renames handled manually; use Metadata Coverage report + custom change logs

📂 Org Development Model

• Git = source of truth; DX project (sfdx-project.json), release artifact (package.xml)
• Flow: Branch → Dev work (CLI retrieve/deploy) → PR/Review/Merge → Build artifact → Partial (UAT) → Full (staging) → Prod (validate + quick deploy)
• Tooling: Salesforce CLI, VS Code Extensions, Jira/Agile Accelerator, change/run lists
• Dev sandboxes for development; Dev Pro sandboxes for integration; Partial Copy sandboxes for UAT; Full sandboxes for staging/training
• 

🔀 Package Development Model

• Split into unlocked packages per module; all source in Git; Scratch Orgs for isolated dev/test
• DX push/pull sync; CI runs tests on merges; install versions into sandboxes for UAT/staging → Prod
• Benefits: independent, modularity, fewer merge conflicts, easier upgrades
• Operate: Branch per module; Scratch Orgs for isolated dev/test; QA per package; CI/CD for build/deploy; PM + Release Manager coordinate

---

🔒 Environment Risks & Mitigations

Risk Area	Common Issues	Mitigations
Customization	Unused features, complex deps, update conflicts	Governance rules, user-centered design, periodic reviews, refactor/remove dead code
Data Security & Privacy	Unauthorized access, non-compliance	AuthZ/AuthN hygiene, Event Monitoring, Shield Encryption, sandbox data masking
Governance	Inconsistent practices, weak docs/testing, data quality	Design standards, coding reviews, rigorous testing, data governance
Project Management	Poor planning, vague requirements, scope creep	Clear plan/scope/resources, stakeholder engagement, Change Control Board (CCB)
Development	Tech debt, resource limits, integration failures	Regular refactor, impact-based prioritization, controlled integration testing
Testing	Low coverage, manual errors, shared org collisions	Comprehensive strategy, automation where apt, masked test data, separate sandboxes/scratch orgs

AuthN vs AuthZ

AuthN - Authentication, verify who you are (your identity)

AuthZ - Authorization, verify what you are allowed to do (your permission)

One-sandbox anti-pattern → Causes collisions and flaky tests; prefer per-stream sandboxes or scratch orgs.

---

🏛 Governance Framework & Center of Excellence (COE)

What/Why

• Governance = minimal processes to deliver outcomes on time/quality; aligns business + IT; reduces risk; boosts velocity/compliance/innovation
• Maturity: Non-existent → Emerging → Practicing → Leading
• Center of Excellence (COE) (cross-functional experts, standards)
• Change Management (CM) (collect → prioritize → approve → roll out)
• Org Strategy (org design)
• Technical Governance (principles/standards)

Center of Excellence (COE) Essentials

• People/Roles:
  • Exec Sponsors
  • Program Owners
  • Steering Committees (Business/Architecture/Release/Change/Support)
  • SMEs/Power Users
• Charter: decision rights, cadence, deliverables; run Program/Exec/Focus meetings
• Design Standards: naming, descriptions with links/deps, Apex/trigger annotations, doc templates and audits
• Release/Deployment: predictable cadence, comms, pre-release sandboxes, stages (Dev → QA → UAT → Staging → Prod)
• Backlog Prioritization: transparent tooling (Jira/Confluence/Slack), publish decisions/timelines

COE models →

• Consolidated (work in single platform with share approach)
• Federated (independent group operation, maintaining unified approach)
• Confederated (operate independently using separate Salesforce instances)
• Hybrid

---

🔁 Change Management (CM)

• Types: Org/process shifts • Feature additions • Salesforce seasonal changes
• Process: Initiate/Plan (vision, roadmap) → Operationalize (build/config/deploy, drive adoption) → Validate (audit data, metrics, behavior updates)
• Key Users:
  • User community
  • Decision makers (e.g., Enterprise Architect)
  • CCB/Steering
  • Executive Sponsor
• Good CM: simple execution strategy, cross-functional alignment, impact sizing, comms/training, power-user follow-up

---

🗓 Salesforce Seasonal Releases (Spring • Summer • Winter)

Readiness Essentials

• Preview sandboxes upgraded ~4–6 weeks pre-prod; manage refresh timing to stay preview
• Check Sandbox Preview Guide; maintain at least one preview sandbox
• Release Notes: identify Quick Wins (auto-enabled) vs Low-Effort items; engage super users; plan comms
• Pre-release orgs: early peek, 3-4 weeks before sandbox preview starts (no customizations though)
• Testing: prioritize UX impacts and custom code; run unit/integration/functional/UAT/performance; prefer API tests over brittle UI; mind governor limits

Cycle → Mark calendar → Engage community → Preview in sandbox → Review notes → Train/communicate → Roll out

---

🧪 Types of Testing

• Unit (smallest code units)
• Integration (external touchpoints)
• Functional (against requirements)
• UAT (end-user acceptance)
• Performance (scale/limits)
• Considerations: sandbox creation/refresh, API>UI tests, generate masked test data, don’t automate perf tests, retest both sides of integrations, rebuild Classic-only tests

---

🎯 Key Takeaways

• Model fit: 📦 Change Set (simple) • 📂 Org Dev (team scale) • 🔀 Package Dev (modular)
• Triad: People + Tools + Process must match maturity and complexity
• Governance/COE drives velocity, quality, compliance, and alignment
• CM + Testing + Release Readiness = fewer surprises, faster value

📈 Flow Charts

1) Pick the Right ALM Development Model

flowchart TD
  A([Start]) --> B{Org maturity & complexity high?}
  B -- Yes --> C{Modularity/independent releases needed?}
  C -- Yes --> PKG[🔀 Package Dev<br/>Unlocked packages + Scratch Orgs + CI/CD]
  C -- No --> D{Source control + branching required?}
  D -- Yes --> ODM[📂 Org Dev Model<br/>Git + DX + package.xml]
  D -- No --> CSD[📦 Change Set Dev<br/>Change Sets + Sandboxes]
  B -- No --> E{Small/simple changes?}
  E -- Yes --> CSD
  E -- No --> F{Team collaboration/PR reviews?}
  F -- Yes --> ODM
  F -- No --> CSD

2) Environment Risk → Mitigation Router

flowchart TD
  A([Risk Identified]) --> B{Category?}
  B -- Customization --> C[Adopt governance rules<br/>User-centered design<br/>Review & refactor]
  B -- Data Security --> D[Strong AuthN/AuthZ<br/>Event Monitoring<br/>Shield Encryption<br/>Sandbox data masking]
  B -- Governance --> E[Design standards<br/>Coding reviews<br/>Rigorous testing<br/>Data governance]
  B -- Project Mgmt --> F[Clear plan/scope/resources<br/>Stakeholder engagement<br/>CCB to control scope]
  B -- Development --> G[Refactor tech debt<br/>Impact-based prioritization<br/>Controlled integration tests]
  B -- Testing --> H[Comprehensive strategy<br/>Automate where apt<br/>Separate envs/scratch orgs]

3) Build a Governance Framework & COE

flowchart TD
  A([Start]) --> M{Assess maturity}
  M -- Non/Emerging --> B[Define minimal processes]
  M -- Practicing/Leading --> B
  B --> C[Form COE<br/>Cross-functional roles + charter]
  C --> D[Set design standards<br/>Naming, descriptions, code annotations]
  D --> E[Backlog governance<br/>Transparent tooling + cadence]
  E --> F[Release & deployment strategy<br/>Dev→QA→UAT→Staging→Prod]
  F --> G[Change Management process<br/>Collect→Prioritize→Approve→Roll out]
  G --> H[Measure outcomes<br/>Adoption, quality, budget, AARs]
  H --> I{Improve?}
  I -- Yes --> B
  I -- No --> J([Operate & Monitor])

4) Seasonal Release Readiness (Spring • Summer • Winter)

flowchart TD
  A([Upcoming Salesforce Release]) --> B[Mark calendar & read Release Notes]
  B --> C{Have preview sandbox?}
  C -- Yes --> D[Plan tests in preview sandbox]
  C -- No --> E{Within preview window?}
  E -- Yes --> F[Refresh/retain at least one sandbox on preview]
  E -- No --> G[Use pre-release org for early look]
  D --> H[Prioritize Quick Wins & low-effort items]
  H --> I[Run unit/integration/functional/UAT/perf tests]
  I --> J[Communicate & train users]
  J --> K{Prod upgraded?}
  K -- Yes --> L[Deploy internal release aligned to seasonal]
  K -- No --> M[Stage changes; wait for prod upgrade]

📚 Flashcards

What are the 3 Salesforce ALM development models?

• 📦 Change Set Development Model
• 📂 Org Development Model
• 🔀 Package Development Model

When should you use the Change Set Development model?

• Small/low-maturity orgs
• Simple changes
• Minimal team collaboration
• Limitations: no delete/rename, manual steps for some metadata

When should you use the Org Development Model?

• Source-driven approach
• Teams need Git + branching/PR reviews
• Use Salesforce DX, CLI, VS Code
• CI/CD-friendly for enterprise

When should you use the Package Development Model?

• High-maturity orgs
• Modular, independent apps/features
• Unlocked packages + Scratch Orgs
• Easier upgrades, CI/CD automation

Who are the key roles in ALM?

• Architect
• Developers
• Admins
• Designer
• Business Analyst
• QA Testers
• Project Manager
• Release Manager
• Stakeholders (execs, managers, end users)

What are the main stakeholder groups?

• Executive Leadership (sponsors, steering committee)
• Managers & Super Users (champion adoption)
• Department Leaders (sales/service/marketing sponsors)
• Core End Users (feedback & training input)

How do you mitigate Customization Risks?

• Governance framework + rules
• User-centered design
• Review/refactor unused customizations

How do you mitigate Data Security & Privacy Risks?

• Strong AuthN/AuthZ
• Event Monitoring
• Salesforce Shield Encryption
• Sandbox data masking

How do you mitigate Governance Risks?

• Establish design standards
• Consistent coding/testing practices
• Maintain comprehensive documentation
• Data governance framework

How do you mitigate Project Management Risks?

• Clear plan: scope, timeline, resources
• Thorough requirement gathering
• Stakeholder engagement
• Change Control Board for scope creep

How do you mitigate Development Risks?

• Refactor technical debt
• Prioritize tasks by impact/urgency
• Test integrations in controlled envs

How do you mitigate Testing Risks?

• Comprehensive strategy + automation
• Use realistic masked test data
• Separate sandboxes/scratch orgs

What are the 4 categories of a governance framework?

• Center of Excellence (COE)
• Change Management
• Org Strategy
• Technical Governance

What are the stages of governance maturity?

• Non-Existent/Basic → Emerging → Practicing → Leading

What are the benefits of good governance?

• Drives innovation & agility
• Ensures compliance & security
• Improves velocity & delivery quality
• Reduces risk

What are the pitfalls of poor governance?

• Misalignment business vs IT
• Low adoption
• Higher costs, reduced value
• Increased risks, slower delivery

What does a COE (Center of Excellence) do?

• Sets best practices & governance
• Provides standards across org
• Aligns projects to business goals
• Balances resources vs priorities

What are the 3 COE models?

• Consolidated (single, unified CRM)
• Federated (independent groups, unified data)
• Confederated (independent, even separate Salesforce orgs)

What’s included in a strong COE charter?

• Clear roles & decision rights
• Meeting cadence (Program Mgmt, Exec, Focus Areas)
• Deliverables (standards, comms, policies)
• Inclusivity (Execs, SMEs, Admins, End users)

What are the steps of the Change Management process?

• Initiate/Plan: vision, roadmap, align capabilities
• Operationalize: build/configure, manage org change, adoption
• Validate: audit, measure, adjust behavior

Who are the key users in Change Management?

• User community (feedback)
• Decision makers / Enterprise Architect
• Change Control Board (reviews & approves)
• Executive Sponsor (prioritizes, aligns to goals)

What ensures effective Change Management?

• Simple execution strategy
• Stakeholder input & comms
• Clear scope/effort/impact alignment
• End-user involvement & training
• Repeatable process

How often does Salesforce release updates?

• 3 times/year (Spring • Summer • Winter)

How do you prepare for seasonal releases?

• Align release calendar
• Keep at least 1 preview sandbox
• Use pre-release org for early features
• Review Release Notes (Quick Wins & Low-Effort features)
• Train & communicate to end users

What are the main types of testing for new features?

• Unit (smallest code units)
• Integration (with external systems)
• Functional (requirements validation)
• UAT (user acceptance)
• Performance (large data/ops)

What are key testing considerations before a release?

• Sandbox refresh/management
• Prefer API tests over brittle UI tests
• Use masked test data
• Ensure governor limits not hit
• Check Lightning vs Classic test compatibility

Which model for a multinational bank project (high complexity, security, cross-region)?

• Org Dev Model (Git + DX + CLI + Jira, multi-sandbox pipeline, cross-region sync)

Which model for multi-app suite (finance, HCM, analytics) needing modularity & upgrades?

• Package Dev Model (unlocked packages, Scratch Orgs, per-module Git branches, CI/CD automation)

How to mitigate ISP project risks (over-customization, unclear design, data leaks)?

• Governance standards, user-centered design, descriptions/help text, Profiles/PermSets/FLS, Shield Encryption

Which approach for IT request app (unknown requirements, scope creep, limited sandboxes)?

• Agile + Change Control Board + Scratch Orgs for isolated testing

How to align internal & Salesforce seasonal release cycles?

• Unified release calendar
• Full sandbox refresh ~6 weeks pre-release
• Preview testing
• Deploy after prod upgrade

Why would metadata fail to deploy between sandboxes?

• Version mismatch (preview vs non-preview)
• Fix by aligning versions, reviewing Release Notes, running regression in upgraded sandbox