An enterprise architect connects Salesforce design decisions to business capability, data ownership, integration strategy, security, and long-term platform change. In Salesforce programs, the role is not limited to one org or one cloud; it sets guardrails so solution architects, admins, developers, data teams, and security teams can make consistent delivery decisions.
This guide explains what the role means in a Salesforce environment, how it differs from solution and technical architecture, and how to use TOGAF, Salesforce Well-Architected, diagrams, and secure Apex patterns without turning architecture work into paperwork.
What is an enterprise architect in Salesforce?
An enterprise architect in a Salesforce program defines how Salesforce fits into the wider operating model. The scope can include Sales Cloud, Service Cloud, Data Cloud, Agentforce, ERP, identity, middleware, analytics, DevOps, compliance controls, and business processes that do not live inside Salesforce at all.
The important word is not “enterprise” as a company size label. The enterprise can be a whole company, a business unit, a product line, or a transformation program. The architect sets the boundary, names the capabilities in scope, and shows how the systems should work together.
Salesforce’s Architecture Center provides official guidance for platform architecture, including the Well-Architected Framework, architecture diagrams, reference patterns, and integration guidance. Use those resources as Salesforce-specific inputs, then combine them with the organization’s architecture method and governance process.
Enterprise architect vs solution architect vs technical architect
These roles overlap, but they answer different questions. In enterprise orgs, confusion usually appears when one person is expected to own strategy, solution design, and low-level implementation at the same time. Separate the decision levels early.
| Role | Main question | Typical Salesforce decisions | Outputs |
|---|---|---|---|
| Enterprise architect | How should business capability, data, technology, and governance fit together? | Org strategy, application landscape, data ownership, integration principles, identity model, release governance, platform guardrails | Capability map, system context diagram, data domain model, integration strategy, architecture decision records, roadmap guardrails |
| Solution architect | How should this Salesforce solution meet the approved business outcome? | Cloud selection, object model, automation approach, user journey, integration design, migration scope, reporting approach | Solution design, user stories, logical data model, flow design, integration sequence, deployment plan |
| Technical architect | How should the platform implementation meet scale, security, and lifecycle requirements? | Apex/LWC patterns, sharing model, transaction design, async processing, API usage, CI/CD, performance testing | Technical design, code standards, deployment architecture, test strategy, limit analysis, security review notes |
A Salesforce Certified Technical Architect can work at enterprise level, but the terms are not identical. The Salesforce Architect credential path covers platform architecture depth; an enterprise architecture role also needs business architecture, portfolio governance, and cross-system decision making.
How does an enterprise architect use Salesforce Well-Architected?
Salesforce Well-Architected organizes platform guidance around trusted, easy, and adaptable solutions. For an enterprise architect, those pillars become review questions rather than slogans.
- Trusted: Does the design protect data, enforce permissions, support audit needs, and meet availability expectations?
- Easy: Does the design reduce unnecessary variation, simplify user work, and keep the delivery model understandable?
- Adaptable: Can the architecture handle new products, business units, automation, data domains, and release changes without constant rework?
Use the Salesforce Well-Architected Framework as a review lens for Salesforce-specific design choices. Use Salesforce Diagrams when stakeholders need visual agreement on boundaries, integrations, and data movement. Use the Salesforce integration patterns guidance when the design depends on data synchronization, request-reply calls, platform events, middleware, or batch movement.
How to apply TOGAF to Salesforce enterprise architecture
TOGAF is an enterprise architecture standard from The Open Group. The TOGAF Architecture Development Method gives teams a way to move from business goals to architecture views, migration planning, and governance. Salesforce teams do not need to copy every TOGAF artifact. They need enough structure to keep decisions traceable.
For Salesforce work, apply TOGAF as a question set:
- What business capabilities are changing?
- Which applications support those capabilities today?
- Which data domains are mastered in Salesforce, outside Salesforce, or shared?
- Which technology services support identity, integration, observability, testing, and release management?
- Which governance decisions must be made before teams build?
Togaf consulting approach client company enterprise architecture framework in Salesforce
The phrase togaf consulting approach client company enterprise architecture framework describes a common search intent: a team wants a consulting method that can be applied to a client company without ignoring the client’s existing enterprise architecture framework. In Salesforce work, that means the consultant should not begin with objects, flows, or licenses. Start with capability scope, stakeholder concerns, current systems, and decision rights.
A practical togaf consulting approach client company enterprise architecture framework for Salesforce should produce a short set of artifacts that delivery teams will actually use: a capability map, an application landscape, a data ownership matrix, an integration pattern choice, and a decision log. If the client company already uses TOGAF, ArchiMate, SAFe, or another method, map Salesforce artifacts into that method instead of replacing it.
TOGAF domains mapped to Salesforce work
| TOGAF domain | Salesforce architecture question | Useful artifact |
|---|---|---|
| Business architecture | Which capabilities, value streams, policies, and operating model changes depend on Salesforce? | Capability map, process map, operating model notes, business outcome register |
| Application architecture | Which systems own lead, account, order, case, contract, product, identity, and consent functions? | Application catalog, system context diagram, Salesforce cloud map |
| Data architecture | Which system is authoritative for each data domain, and how will data quality be measured? | Data domain model, object ownership matrix, data retention notes, duplicate management approach |
| Technology architecture | Which platform services support integration, DevOps, SSO, encryption, monitoring, AI grounding, and release control? | Technology reference model, integration decision record, environment strategy |
What artifacts should an enterprise architect create?
An enterprise architect should create the smallest set of artifacts that changes decisions. A document that nobody uses is not governance. The table below shows practical Salesforce artifacts and the decisions they support.
| Artifact | Purpose | Salesforce example |
|---|---|---|
| Capability map | Shows what the business does without starting from system names. | Lead management, quote generation, partner onboarding, field service scheduling, case escalation |
| Application landscape | Shows which systems support each capability. | Salesforce for opportunity management, ERP for invoicing, MDM for customer golden record, middleware for orchestration |
| Data ownership matrix | Prevents multiple systems from claiming the same master data. | Account mastered in MDM, opportunities mastered in Salesforce, invoices mastered in ERP |
| Integration decision record | Explains why a pattern was selected. | Platform events for near-real-time notifications; Bulk API for nightly data volume; synchronous REST only where user response needs it |
| Security model summary | Connects data classification to access rules. | OWD, role hierarchy, sharing rules, restriction rules, permission sets, field-level security, Shield requirements |
| Release and environment strategy | Defines how change moves from idea to production. | Scratch orgs or sandboxes, CI/CD, feature branches, test automation, release gates, rollback notes |
How to design Salesforce guardrails for enterprise architecture
Guardrails help teams move without asking for approval on every field, flow, or class. They should be specific enough to guide build decisions and small enough to maintain.
Example guardrails for Salesforce delivery
- Org strategy: Use one Salesforce org only when data model, process, compliance, and release requirements can be governed together. Use separate orgs when isolation is a real requirement, not just a team preference.
- Data model: Do not create duplicate customer identifiers without a stated master system, matching rule, and reconciliation process.
- Automation: Prefer record-triggered Flow for admin-owned logic. Use Apex when transaction control, complex data processing, reusable service logic, or limit management requires code.
- Integration: Avoid point-to-point growth without an integration catalog. Record whether each interface is synchronous, asynchronous, batch, event-driven, or file-based.
- Security: Treat CRUD, FLS, sharing, restriction rules, and data classification as design inputs, not post-build checks.
- AI and Data Cloud: Define data sources, consent, retention, grounding data, audit needs, and human review points before enabling AI-assisted processes.
Apex guardrail example: query in user mode
Architecture guardrails should reach code standards when the risk is technical. For example, a service method that returns Account data to Lightning Web Components should not run an unrestricted query just because Apex can run in system context. Salesforce recommends user-mode database operations and related security controls for enforcing object and field permissions in Apex where appropriate.
public with sharing class AccountReadService {
@AuraEnabled(cacheable=true)
public static List<AccountSummary> getRecentAccounts(Integer requestedLimit) {
Integer rowLimit = requestedLimit == null
? 50
: Math.min(Math.max(requestedLimit, 1), 200);
List<Account> accountRows = [
SELECT Id, Name, Industry
FROM Account
WITH USER_MODE
ORDER BY LastModifiedDate DESC
LIMIT :rowLimit
];
List<AccountSummary> results = new List<AccountSummary>();
for (Account accountRow : accountRows) {
results.add(new AccountSummary(
accountRow.Id,
accountRow.Name,
accountRow.Industry
));
}
return results;
}
public class AccountSummary {
@AuraEnabled public Id id;
@AuraEnabled public String name;
@AuraEnabled public String industry;
public AccountSummary(Id id, String name, String industry) {
this.id = id;
this.name = name;
this.industry = industry;
}
}
}Governor limit note: the query runs once, limits the row count, and avoids SOQL inside loops. The method still needs tests for users with different object and field permissions. Review the official Apex user mode database operations documentation before setting this as a code standard.
Apex guardrail example: update with user-mode DML
For updates, define whether the service should enforce the running user’s access or perform a controlled system operation. The default should be explicit. The following example uses user-mode DML and reports field-level access errors back to the caller.
public with sharing class AccountDescriptionService {
@AuraEnabled
public static void updateDescription(Id accountId, String newDescription) {
if (accountId == null) {
throw new AuraHandledException('Account Id is required.');
}
Account accountToUpdate = new Account(
Id = accountId,
Description = newDescription
);
Database.SaveResult saveResult = Database.update(
accountToUpdate,
false,
AccessLevel.USER_MODE
);
if (!saveResult.isSuccess()) {
List<String> messages = new List<String>();
for (Database.Error error : saveResult.getErrors()) {
messages.add(error.getMessage());
}
throw new AuraHandledException(String.join(messages, '; '));
}
}
}This pattern is not a replacement for design review. It is a code-level expression of the security architecture. In some back-office integrations, system-mode operations may be valid, but the architecture decision should state why elevated access is required and how it is audited.
How should an enterprise architect review data and integration choices?
Salesforce projects often fail at boundaries: where data enters, where it is mastered, where it is transformed, and where users expect real-time behavior. An enterprise architect should force these choices into the open before teams estimate build work.
Data review questions
- Which system is the system of record for each data domain?
- Which Salesforce objects are shared across clouds or business units?
- Which fields contain regulated, confidential, or contractual data?
- Which data must be available to Data Cloud, CRM Analytics, reports, Agentforce actions, or external warehouses?
- Which retention, deletion, consent, and encryption rules apply?
For deeper Salesforce data planning, connect this article with Salesforce Data Cloud architecture decisions and Salesforce reports and analytics design.
Integration review questions
- Does the user need an answer in the same transaction, or can the process run asynchronously?
- What is the expected data volume, peak rate, retry behavior, and failure owner?
- Will the integration use REST, SOAP, Bulk API, Pub/Sub API, Platform Events, Change Data Capture, middleware, or file exchange?
- How will errors be logged, monitored, replayed, and reconciled?
- Which team owns versioning and contract changes?
For developer-level implementation choices, pair the enterprise view with Lightning Web Components design patterns and Salesforce AI architecture considerations.
Best practices for enterprise architect reviews
- Start with a decision backlog. List the decisions that block delivery: org strategy, master data, identity, integration style, data retention, release model, and exception handling.
- Separate principles from preferences. “Use asynchronous integration when the user does not need an immediate response” is a principle. “Use this middleware for every interface” may be a preference unless the enterprise standard requires it.
- Document trade-offs. Every architecture decision should record options, selected path, reason, and consequence.
- Review limits early. Apex governor limits, API limits, sharing recalculation, report performance, automation order of execution, and data skew can change the design.
- Include security in every review. Profiles, permission sets, permission set groups, OWD, sharing rules, restriction rules, field-level security, and audit logging affect user experience and compliance.
- Keep artifacts alive. Update diagrams and decision records when releases change. Stale architecture causes the same damage as no architecture.
Common errors with enterprise architecture in Salesforce
| Error | Why it hurts | Better approach |
|---|---|---|
| Starting with licenses instead of capabilities | The design becomes product-led instead of outcome-led. | Map capabilities first, then select clouds, features, and integrations. |
| Treating Salesforce as the master for every data domain | Teams create duplicate records and unclear ownership. | Define master, subscriber, and stewardship roles for each data domain. |
| Using synchronous integration for every process | User transactions become dependent on remote system availability. | Use synchronous calls only where the user must wait; use events or batch for other processes. |
| Leaving security to the end | OWD, sharing, FLS, and compliance constraints may force redesign. | Review data classification and access paths during architecture, not after testing. |
| Creating diagrams without decision ownership | The diagrams look useful but do not change delivery behavior. | Attach every diagram to a decision, owner, date, and review trigger. |
When should a Salesforce team involve an enterprise architect?
Bring an enterprise architect into the work when the decision crosses team, cloud, data, or system boundaries. You do not need the role for every page layout change. You do need it when a decision will shape the platform for years.
- A new Salesforce cloud will share data with existing clouds.
- Data Cloud, Agentforce, CRM Analytics, or external data platforms depend on the same customer data.
- ERP, CPQ, billing, service, commerce, or identity systems must exchange data with Salesforce.
- A merger, regional rollout, or business unit split raises org strategy questions.
- The security model needs role hierarchy, sharing, restriction rules, encryption, audit, and compliance review.
- Multiple delivery teams are changing the same objects, automations, or integrations.
For career planning, compare the role with the Salesforce credential path in Certified System Architect preparation. The enterprise role is broader than one certification, but the system architecture path builds useful depth for integration, identity, development lifecycle, and platform governance.
Enterprise architect checklist for Salesforce programs
- Define the enterprise boundary: company, business unit, capability, region, or program.
- Name the business capabilities in scope and the outcomes they support.
- Create or update the application landscape.
- Define system-of-record ownership for customer, product, order, case, contract, consent, and identity data.
- Select integration patterns and document why they fit the latency, volume, and failure requirements.
- Review OWD, sharing, permission set strategy, FLS, restriction rules, audit, and data classification.
- Define environment, DevOps, testing, release, and rollback standards.
- Record architecture decisions and review them at each release boundary.
- Map Salesforce-specific decisions to the client’s enterprise architecture framework, including the togaf consulting approach client company enterprise architecture framework where that is the agreed method.
Frequently Asked Questions
What does an enterprise architect do in Salesforce?
An enterprise architect defines how Salesforce fits with business capabilities, data ownership, integrations, security, and technology standards. The role sets guardrails so solution architects and delivery teams can design Salesforce features without creating conflicts across systems.
Is an enterprise architect the same as a Salesforce Technical Architect?
No. A Salesforce Technical Architect focuses on platform architecture, implementation depth, integration, security, lifecycle, and scale. An enterprise architect works across the business and technology landscape. One person may have both skill sets, but the responsibilities are different.
How does TOGAF help a Salesforce enterprise architect?
TOGAF gives a structure for moving from business goals to architecture views, migration planning, and governance. In Salesforce work, the value comes from mapping business, application, data, and technology domains to practical artifacts such as capability maps, data ownership matrices, integration decisions, and release guardrails.
What should be included in a Salesforce enterprise architecture review?
A Salesforce enterprise architecture review should include capability scope, application landscape, data ownership, integration patterns, security model, environment strategy, release process, operational monitoring, and known platform limits. The review should produce decisions, not just diagrams.
Does an enterprise architect need to know Apex?
An enterprise architect does not need to write every Apex class, but they should understand where code affects architecture. Examples include transaction boundaries, governor limits, sharing behavior, user-mode operations, asynchronous processing, test coverage, and API version choices.