Imagine that a team of experts evaluated every aspect of your Salesforce org. They conduct over 75 different tests on org data, metadata, and architecture. Then they deliver a comprehensive color-coded report that details every problem in five categories including security risks, compliance audit, technical debt, best practices, and code quality. Better yet, each line of the report has a link that will take you to a solution for the problem. Sounds great? This is exactly what the new Org Health Scan report does. But instead of a team of experts, Metazoa has taken 15 years of experience managing complex Salesforce orgs and encoded this knowledge into a single report that can automatically scan any org as often as needed. This is a game-changing capability that will encourage best practices for org management and greatly benefit every Salesforce developer and administrator.
This description may remind you of Salesforce Optimizer, which is a free service that looks at some aspects of org health. But Optimizer only covers about 25 different tests, and many of those are focused on encouraging the use of various Salesforce products. Few aspects of data or code quality are considered. The parameters that Optimizer uses are hard coded and cannot be adjusted to account for the differences between orgs. The Org Health Scan report covers 75 comprehensive tests in five different categories. This is three times more than Salesforce Optimizer. You can adjust all the parameters for your org, and generate comprehensive output for each test.
Org Health Scan User Interface
The main interface for this report is simple. You can select up to 75 different tests from five categories in the list at left. Use the Quick Find text entry box to search for tests by name. Try right clicking the list to select or deselect all the tests in any category. The currently selected test is shown in blue. The results for the selected test are available on the second Preview Report tab. You can adjust the various parameters for each test with the user interface at right. Go back and forth between adjusting the parameters and seeing the results on the second tab until you are satisfied with the selected test. The initial parameters for each test represent industry accepted best practices for Salesforce administration and org management. You can restore the initial parameters by clicking the Default Values button in the upper right corner of the screen.
The Display Report Tab
Check the green boxes next to the tests that you want to include in the final report. When you go to the Display Report tab, all the tests that have been checked will be run. A really simple way to run the entire report is to right click and select all tests from the list and then advance to the Display Report tab. Each test will be summarized in the first table, and a more detailed report for each test is available in an additional table below. The color-coding can be adjusted for each test if desired.
The final report can be exported as CSV, HTML, PDF, and XLSX, which is the native Excel format. To the right of each table is a link into the Lightning Interface that will jump to the specific problem that was detected. In the summary table, the link will take you to the relevant documentation for our Snapshot Org Management product. Snapshot provides tools that can automatically fix many of these problems. An example of the report summary table is shown below. Now let’s look in more detail at all the various tests that are available.
Security Risks
This category provides 10 tests that make sure that org limits and user roles and permissions are secure. You can include the Salesforce reports for Security Health Check, Org Limits, and Release Updates that are overdue. Older orgs can check for formula fields that still use JavaScript, and guest site users that have access to data. Lastly, you can evaluate any profile or permission sets that have changed since the last time you ran the audit. Permission changes can expose sensitive information or give important capabilities to the wrong users.
- Security Health Check Warnings
- Org Resources With Low Availability
- Release Updates That Are Overdue
- Users With Administrative Privileges
- Formula Fields That Use JavaScript
- Queues And Groups That Have Guest Site Users
- Sharing Rules That Grant Access To Guest Site Users
- Objects With Default External Access For Guest Site Users
- Profile Permissions That Have Changed
- Permission Sets That Have Changed
Compliance Audit
This category provides 16 tests that look for compliance problems including missing documentation, confusing labels, and GDPR violations. You can test for orgs that have too many reports, profiles, and permission sets relative to the number of users. You can test for fields that contain personal information but are not encrypted. Another test looks at page layouts that have too many required fields. Lastly, you can calculate the percent of multiselect picklists compared to all fields. Multiselect picklists complicate reporting and formulas.
- Metadata Assets That Have Been Deprecated
- Metadata Assets With Missing Descriptions
- Metadata Assets With Hard Coded References
- Fields With Missing Compliance Information
- Fields With Missing Descriptions And Help Text
- Personal Data Fields Missing Compliance Information
- Personal Data Fields That Are Not Encrypted
- Fields With Labels That Look Like Other Fields
- Objects With Labels That Look Like Other Objects
- Administrative Profiles With Limited Field Access
- Administrative Profiles With Limited Object Access
- Too Many Reports Compared To Active Users
- Too Many Profiles Compared To Active Users
- Too Many Permission Sets Compared To Active Users
- Too Many Multiselect Picklists Compared To All Fields
- Too Many Required Fields On Page Layouts
Technical Debt
This category provides 10 tests that make sure that fields, picklists, reports, and dashboards are being fully utilized. You can scan for fields that mainly have empty values, picklists with lots of junk values, and reports, dashboards, and email templates that have not been used in a long time. You may want to adjust the objects that have been selected for each test. The default selection just covers the Account, Case, Contact, Lead, and Opportunity objects. Lastly, custom profiles and permission sets assigned to few active users are a source of metadata bloat and should be deprecated.
- Fields With Too Many Empty Values
- Picklists With Too Many Junk Values
- Reports That Have Not Been Run Recently
- Dashboards That Have Not Been Refreshed Recently
- Email Templates That Have Not Been Used Recently
- Apex Classes That Have Not Been Executed Recently
- Custom Profiles Assigned To Few Active Users
- Permission Sets Assigned To Few Users Or Groups
- Users That Have Not Logged In Recently
- Users That Have Not Modified Any Record Recently
Best Practices
This category provides 20 tests that make sure that objects, fields, and records are following best practices. You can test for fields with missing compliance information and confusing labels. Objects that have too many required fields, record types, validation rules, and triggers. Cases and opportunities that were created and closed the same day. Contacts and leads without valid information. Opportunities and cases that are overdue or have never been updated.
- Objects That Need More Formula And Rollup Fields
- Objects With Too Many Validation Rules
- Objects With Too Many Required Or Unique Fields
- Objects With Too Many Record Types
- Objects With Too Many Lookup Relationships
- Objects With Too Many Apex Triggers
- Objects With Too Many Record Trigger Flows
- Objects That Mix Triggers, Workflows, and Flows
- Records That Are Missing Record Type Information
- Records That Are Owned By Inactive Users
- Cases That Are Overdue
- Cases Created And Closed On The Same Day
- Contacts That Don’t Have Any Valid Information
- Contacts That Are Not Connected To An Account
- Leads That Don’t Have Any Valid Information
- Opportunities That Are Overdue
- Opportunities Created And Closed On The Same Day
- Closed Won Opportunities With No Activity Records
- Opportunities That Have Never Been Updated
- Tasks That Have Been Open For Too Long
Code Quality
This category provides 9 tests that make sure that Apex code quality and coverage are working correctly. This category provides a wealth of information with static code analysis. You can test for Apex triggers that reference multiple assets. Apex classes and triggers with low code quality, low code coverage, or obsolete version numbers.
- Apex Triggers That Reference Multiple Assets
- Apex Classes And Triggers With Low Code Quality
- Apex Classes And Triggers With Low Code Coverage
- Apex Classes And Triggers With Low Version Numbers
- Apex Classes That Call External Services
- Apex Classes Called By External Services
- Apex Classes With Too Many Lines Of Code
- Apex Classes With Too Many Duplicate Lines
- Too Many Apex Classes Compared To Test Classes
Conclusion
There you have it. The new Org Health Scan report from Metazoa will encourage best practices for org management and greatly benefit every Salesforce developer and administrator. This report covers five times the territory of Salesforce Optimizer. This application can be run any time there are major changes to an org. Every aspect of health and security will be evaluated. Please give this report a try and let us know of additional test that we can cover in future versions of the product.
Bill Appleton
CTO Metazoa
Congratulations! 