How to make the case for Profiles to permission sets project with your leadership for existing orgs

If you have an existing Salesforce Org which has a lot of profiles, roles, and permission sets, one of the messages from Salesforce on the need to move to Permission sets would have caused a lot of stress, fear, and unknowns in your mind as an admin, architect or CRM leader. The challenges are how do we convince our business who are in the spirit of moving fast to understand this is a priority, how we prepare for the migration, and what to do interim to plan for it.

Getting the business Buy- in

One of the most challenging tasks for this migration is to get the buy-in from your business and your executive leadership. If you are in the agile sprint world, with more stories and epics focused on business value, selling the need to focus on getting your leadership to have an epic or story on Strategy for permission set migration will seem to be a daunting task. If you are planning to make a presentation to your leadership, here is some groundwork you need to do to indicate business value.

Reduced cost

You might wonder how a security project can help to save costs. There are 3 key factors to look at that can help.

  1. Reduction of unwanted licenses due to moving profiles to permission sets where you would find that there is a bunch of users who have duplicate licenses in your multiple orgs due to access of needed data or unwanted data.
  2. Reduction in time spent on troubleshooting tickets or cases on access – If you ask your IT vendor who is providing support or your support team on tickets raised due to access issues like could not see the data they need or not sure why they see certain objects and quantify the time spent, you will get the metrics on time savings. If you are not sure of the hours, you can use a range of a minimum of 2 to 4 hours which involves analysis, fixing issues, testing, and deployment.
  3. Time spent on audits and compliance needs – One of the challenges for IT audits is the time spent answering questions for your auditors on who has access to your sensitive data and why? With the redesigned project, it will be easy to run a quick report on a permission set group or permission set to answer the key questions asked by auditors than days spent answering questions which can put a drain on the project.

Opportunity Cost

One of the least ignored factors in pitching to the leadership is the opportunity cost which is money lost on not executing projects or time lost due to unwanted maintenance issues. To come up with a metric for the opportunity cost, you can use the following 2 metrics as guidelines

  1. Number of projects stalled or not implemented – There could be multiple initiatives in your enterprise where a project like the purchase of an external app, integration with your external systems like Erp, or case management system could have been stalled due to complexity in your security. By simply quantifying the time spent on delays and reaching out to the stakeholders on the value of the project will give you the juice to quantify the opportunity cost.
  2. Also, the second way is to get the metrics on time spent on fixing issues with security and access. So if you have around 10 issues per month and on average 4 hours to fix an issue, it could be 40 hours per month leading to 480 hours a year which is nearly 3 months of resource time.

Enhanced Security and Data Privacy

If you have a stakeholder who has a compliance background or CISO role, this would be the pitch that you can use to present to the audience. Migrating from profiles to permission sets allows for more granular control over user access to data and functions. With permission sets, you can implement the principle of least privilege, ensuring that users have only the necessary permissions for their specific roles.
Improved security measures reduce the risk of data breaches and unauthorized data access, safeguarding sensitive information and complying with data privacy regulations such as GDPR or CCPA.

Increased adoption

One of the major pain points for any leadership is to look for ways to increase adoption with your CRM tool. To get to adoption, it is important to have the right user experience for a new user when he is exposed to salesforce the first time and also a leader who is looking to report on data collected in your CRM. You can use the following 2 value points to make the case.

  1. With the revised security model, you can assign the right permission to the new users leveraging automation in the JML process so that the new users can get started with the right note.
  2. Sales, Service, and Marketing leadership adoption can be increased with the right data exposed to them for reporting which will lead to increased adoption from the leadership teams using Salesforce.

The next question is what are the areas I can spend some time with my salesforce org so that I can create the right metrics for the leadership. Here are some guidelines on key metrics which you can use to make the case for leadership.

Key Metrics which you can present to leadership

  1. Number of Profiles:
    • Total count of existing profiles in the Salesforce org.
  2. Number of Permission Sets:
    • Total count of permission sets required to meet the access requirements of different user groups.
  3. Redundant Profiles:
    • Identify and quantify profiles with similar access permissions that can be consolidated into permission sets.
  4. Security Incidents and Breaches:
    • Historical data on the number and severity of security incidents and data breaches in the Salesforce org.
  5. Administrative Hours Saved:
    • Measure the time spent by administrators managing profiles and compare it to the estimated time savings after migrating to permission sets.
  6. User Onboarding Time:
    • The average time taken for new users to get onboarded to the system using profiles.
    • Compare it with projected onboarding time with permission sets, which should be more efficient.
  7. Data Privacy Compliance Status:
    • Assess the compliance status of the organization with data privacy regulations (e.g., GDPR, CCPA) and identify gaps that permission sets can address.
  8. Training Feedback and Time Saved:
    • Gather feedback from users about the ease of understanding and using permission sets.
    • Measure the reduction in training time and support needed post-migration.
  9. System Performance Improvements:
    • Measure system performance before and after the migration to assess the impact of reduced profile count on system speed and response time.
  10. Cost Savings in Administrative Efforts:
    • Calculate the potential cost savings in administrative hours based on the reduction in profile management complexity.

Finally, What is the key message with Analogies for takeaway for the leadership?

Once you have the metrics and business value, it is important to end the presentation with the right key message which will help the leadership to make a decision on the project. You can use the following 2 analogies for making the case with nontechnical leadership.

Analogy 1: The Security Fortress vs. a Single Door Lock

Imagine your Salesforce org as a fortress protecting valuable assets and sensitive data. The profiles act as the main door lock, controlling access to the fortress. Currently, the fortress has multiple doors with similar locks, making it challenging to ensure that only authorized personnel can enter specific areas.

The profile to the permission set migration project is like upgrading the fortress’s security system by replacing the multiple door locks with a state-of-the-art access control system. This new system uses personalized key cards (permission sets) that grant precise access to different areas based on individual roles.

Analogy 2: Custom-Tailored Suits vs. Off-the-Rack Clothes

Imagine your Salesforce org as a tailor shop that caters to different customer needs. Currently, the shop offers a few pre-made suits (profiles) that customers can choose from. However, these suits may not fit perfectly and may not meet all customers’ specific requirements.

The profile to permission set migration project is like offering custom-tailored suits (permission sets) to each customer based on their unique preferences and measurements.

Drawing parallels, the project is critical because:

  • Custom-tailored suits (permission sets) provide a precise fit for each customer (user), ensuring they have the exact access they need to perform their roles effectively.
  • Just as customers expect tailored suits that enhance their appearance and confidence, users expect a smooth and efficient Salesforce experience tailored to their needs.
  • Funding the project now allows the organization to provide users with an optimized experience, increasing their productivity and satisfaction, which translates to better business outcomes.

Final Core Message to your leadership

Once you make the analogy, you can end your presentation with a final core message. Here are 2 messages which Claude AI generated for the project.

This migration will empower our users and unleash innovation.

Quirky Comment:

Profiles are like brick phones – they get the job done but aren’t very smart. Permission sets are like smartphones – unlocking a world of possibilities. Let’s give our teams the smartphones they deserve!”

Unlock the Power of Precision with Permission Sets!

This core message emphasizes the concept of “unlocking” access to specific functions and data with precision, highlighting the transformative impact of migrating from profiles to permission sets. It emphasizes that permission sets provide tailored access to users, aligning with their exact roles and responsibilities, which leads to increased security, improved user experience, and better overall system performance.

To add a quirky or funny comment to make the message stick, you can include:

Say goodbye to one-size-fits-all access like ‘One Profile to Rule Them All’ and say hello to a wardrobe of custom-fitted ‘Permission Sets’ that make your Salesforce org look stylish and secure!

To summarize, here are the top 3 key takeaways you can use to present your case to the leadership of your security project.

  1. Make the case with business value with cost savings and opportunity costs.
  2. If you have a CISO or security-minded professional, leverage flexible security with the least privilege access to make the case for security.
  3. Finally have one analogy and one core message for the audience to take away.

I do also have a deck that you can use as part of the presentation. Please feel free to reach out to me at to discuss further on the deck.

Please Subscribe

Subscribe to our mailing list to get tips on maximizing your salesforce

We respect your privacy.

Please subscribe

Subscribe to our mailing list and get tips to maximize salesforce to your email inbox.

I am honored to have your subscription. Stay tuned for tips to maximize your salesforce investment

Something went wrong.


Author: buyan47

Hi there! My name is Buyan Thyagarajan. I am a Salesforce consultant specializing in Higher Education, Manufacturing and Marketing Automation. My blogs will help you to maximize your Salesforce CRM investments, prevent problems beforehand and make the right decisions. If you need to talk to me right away, you can email me at or call me at 302-438-4097

Leave a Reply

Your email address will not be published. Required fields are marked *