Salesforce Dictionary - Free Salesforce GlossarySalesforce Dictionary
Salesforce Consultant
medium

How do you manage risk on a Salesforce project?

Risk management = identifying, prioritizing, and addressing things that could derail the project.

Risk categories:

Technical risks:

  • Integration with unfamiliar external system.
  • Custom code that pushes platform limits.
  • Data migration with poor source data.
  • Performance under expected load.
  • Salesforce platform changes during project.

Process risks:

  • Inadequate Discovery.
  • Scope creep.
  • Stakeholder churn.
  • Late UAT findings.
  • Insufficient testing.

Organizational risks:

  • Sponsor change.
  • Re-org during project.
  • Conflicting stakeholders.
  • Inadequate change management.
  • Resource availability (vacation, illness, attrition).

Commercial risks:

  • Underestimated effort -> budget overrun.
  • Vendor performance.
  • Currency / regulatory shifts (international).

Risk register format:

For each risk: ID, description, category, probability (low/med/high), impact (low/med/high), score (probability × impact), owner, mitigation, contingency.

Mitigation vs Contingency:

  • Mitigation: actions to reduce probability or impact. "Stand up a sandbox early to test the integration."
  • Contingency: what we'll do if the risk materialises. "If integration testing reveals data format issues, we'll engage Mulesoft team for Week 8."

Process:

  1. Identify risks during Discovery; refresh weekly during the project.
  2. Score and prioritise — top 5 get most attention.
  3. Assign owners — every risk has someone accountable.
  4. Track mitigations — are we doing what we said we'd do?
  5. Communicate — include risk register in steering committee reports.
  6. Close risks when no longer relevant.

Senior consultant move: surface risks early, even uncomfortable ones. "We're at risk of underestimating the data migration" said in Week 2 is far better than "we underestimated the data migration" said in Week 16.

Common pitfalls:

  • Optimism bias — hoping problems go away.
  • Risk register that's never updated — frozen Week 1 view, stale by Week 6.
  • Vague mitigations — "we'll handle it carefully" isn't an action.
  • No escalation path — high-impact risks ignored because nobody owns them.

Top risks for typical Salesforce projects:

  1. Data migration is messier than expected.
  2. Integration system unavailable when expected.
  3. Stakeholder availability for UAT.
  4. Scope creep without renegotiation.
  5. Adoption fails post-launch.

Plan mitigations for each from Week 1.

Why this answer works

Senior consulting. The mitigation/contingency split and the early-surfacing rule are mature.

Follow-ups to expect

Related dictionary terms