Agentforce is generating real excitement across industries. Wealth management firms want AI agents that can surface portfolio alerts. Insurance carriers are eyeing autonomous claims triage. Nonprofits are exploring donor engagement tools that work around the clock. The promise is compelling: digital workers that act, decide, and follow through—without a human in the loop for every step. But here is a question that does not get asked often enough before the kickoff call: Is your Salesforce org actually ready for this?

Agentforce is not a plug-in or a feature to toggle on and off. It is an AI layer that sits on top of your existing data architecture, your business processes, and your Salesforce configuration. The quality of what it delivers is almost entirely determined by the quality of what it inherits.

Organizations that skip the readiness conversation and go straight to agent deployment often discover—mid-pilot, in front of stakeholders—that their AI is confidently acting on bad data, missing critical context, or running into permission walls it was never designed to clear.

This checklist is for IT decision-makers who want to get this right. Work through each section honestly. The gaps you find here are far less expensive to close now than after go-live.

Why Readiness Matters More Than You Think

There is a tempting assumption baked into most AI rollout conversations: that the platform does the heavy lifting and the organization just needs to show up. Agentforce is sophisticated enough that this assumption feels reasonable. It is also wrong.

Consider a hypothetical: a regional insurance carrier deploys an Agentforce agent to handle first-notice-of-loss intake. The agent is well-configured, the prompts are tight, and the demo looked great. But three weeks into production, the team notices the agent is routing 30% of claims to the wrong adjusters. The root cause? The account ownership fields in Salesforce were last cleaned in 2021. The agent is not broken—it's doing exactly what it was instructed to do. It's the data that is broken. This pattern repeats across industries. The failure mode is rarely the AI; it is almost always the foundation on which the AI was asked to stand.

Eight Agentforce Readiness Domains

Agentforce readiness spans eight interconnected domains. Weakness in any one of them does not necessarily block a deployment, but it does shape what your agent can reliably do—and how much trust you can reasonably extend to it.

1. Data Quality and Completeness

Agentforce reasons over your data. It reads records, follows relationships, and draws conclusions. If your data is inconsistent, outdated, or incomplete, the agent will reason its way to wrong answers with total confidence.

For wealth management firms, this means client financial profiles, risk tolerance designations, and household relationship maps need to be current and accurate. For insurers, policy records, coverage details, and claimant contact information must be reliable. For nonprofits, constituent records (including giving history, relationship codes, and communication preferences) feed agent decisions directly.

Checklist items:

• Key object fields (Account, Contact, Case, Opportunity) are populated at 85% or higher for records active in the past 24 months

• Duplicate records have been identified and a deduplication plan is in place

• Account ownership and assignment fields reflect current team structures

• Lookup relationships critical to agent workflows are intact (no orphaned records)

• Date fields used for recency logic are trustworthy and formatted consistently

2. Object and Schema Architecture

Agentforce agents navigate your schema the way a new employee navigates your filing system. If the architecture is logical and well-labeled, they move efficiently. If it is a decade of ad hoc customization with fields named "Custom_Field_47" and objects built for a process that no longer exists, the agent gets lost—and so does anyone trying to configure it.

This is particularly relevant for organizations that have been on Salesforce for five or more years. Accumulated technical debt—unused fields, redundant objects, conflicting picklist values—creates noise that degrades agent performance.

Checklist items:

• Custom objects and fields have meaningful API names and descriptions (not "CF_001" or "Legacy_Field")

• Picklist values are current, consistently used, and free of duplicates or deprecated options

• Objects central to agent workflows have been reviewed for unused fields that could confuse context

• Relationship hierarchies (Account to Contact to Case, for example) are logical and well-documented

• A field dictionary or data dictionary exists and is reasonably up to date

3. Security Model and Permissions

This is the domain most organizations underestimate—and the one that most often derails a deployment when left unaddressed. Agentforce agents run as a specific user context with a specific permission set. Whatever the user can see, the agent can see. Whatever it cannot access, the agent cannot act on. In regulated industries, this is not merely a technical concern—it is a compliance one. A wealth management firm deploying an agent that surfaces client portfolio data must be certain that the agent operates within the same data access boundaries as a licensed advisor. An insurer's claims agent cannot be permitted to read fields it has no business reason to access. The inverse problem is equally common: agents that cannot complete their tasks because they hit permission walls mid-workflow. Both failure modes are expensive to discover after go-live.

Checklist Items:

• A dedicated Agentforce user profile or permission set has been designed (not borrowed from an existing user type)

• Field-level security has been reviewed for all objects the agent will read or write

• Sharing rules and org-wide defaults are documented and understood in the context of agent access

• Legal, compliance, or privacy teams have reviewed the agent's intended data access scope

• There is a plan for auditing agent actions in the event of a compliance review

4. Process Automation Landscape

Most Salesforce orgs have years of automation layered on top of each other—workflow rules from 2016, Process Builder flows from 2019, and Flows built last quarter. Agentforce agents do not operate in isolation from this automation. They trigger it, run alongside it, and occasionally collide with it.

Before deploying an agent that creates or updates records, it is essential to understand what existing automation will fire as a result—and whether that automation is still doing what it was originally intended to do. An agent that creates a Case record might trigger a decade-old workflow rule that sends a notification email to a retired employee's address. Small issues in isolation become systemic issues at agent scale.

Checklist Items:

• Active automation (Flows, workflow rules, Process Builder) touching objects the agent will write to has been inventoried

• Legacy workflow rules and Process Builder processes have been evaluated for migration to Flow

• There are no conflicting automation paths that could fire simultaneously and create duplicate or contradictory outcomes

• Automation that sends external notifications (email, SMS) has been reviewed to ensure agent-triggered records will not generate unintended outbound communications

• A testing environment reflects production automation accurately for pre-deployment validation

5. Knowledge and Grounding Content

Agentforce agents do not just act on data—they reason over content. For many use cases, that means knowledge articles, product documentation, process guides, or policy documents that the agent references when formulating responses or making decisions. If that content is outdated, poorly structured, or simply does not exist in Salesforce Knowledge, the agent has nothing reliable to draw from. A nonprofit agent handling donor inquiries about grant eligibility needs accurate, current program descriptions. An insurance agent triaging service request requires precise, unambiguous coverage definitions. In both cases, the agent is only as good as the content it can access.

Checklist Items:

• Salesforce Knowledge is enabled and articles exist for the primary topics the agent will address

• Knowledge articles have been reviewed for accuracy within the past 12 months

• Articles are categorized and tagged in a way that supports retrieval (not just stored as undiscoverable documents)

• Process documents or policy guidelines that agents need to reference are either in Knowledge or accessible through a connected data source

• A content owner has been identified who is responsible for keeping agent-referenced content current post-deployment

6. Integration Integrity

Most enterprise Salesforce orgs are not islands. They integrate with portfolio management platforms, policy administration systems, accounting software, ERP tools, or external donor databases. Agentforce agents that need to take action or surface information from these connected systems depend entirely on those integrations functioning reliably.

Flaky integrations that are tolerable when a human is reviewing the results become intolerable when an agent is making autonomous decisions based on them. An agent that surfaces stale portfolio values because a financial data integration has a twelve-hour sync delay is not an AI problem, but it looks like one.

Checklist Items:

• All integrations feeding data into objects the agent will use have documented sync frequencies and are actively monitored

• Integration error rates over the past 90 days are within acceptable thresholds

• Data sourced from external systems has a clear freshness indicator the agent can consider

• There is an alerting or escalation process when a critical integration fails

• External APIs the agent may call have sufficient rate limits and SLA guarantees for production load

7. Human Escalation and Oversight Design

Fully autonomous agents are the headline, but the reality of most production deployments involves a mix of autonomous action and human oversight. The question is not whether your agents will ever need to hand off to a human—they will. The question is whether you have designed that handoff intentionally.

In wealth management, certain client communications or transaction recommendations may legally require human review before delivery. In insurance, complex claims or fraud-flagged cases need an adjuster in the loop before the agent acts. In nonprofits, major donor interactions may warrant human judgment that a well-trained agent should recognize it lacks.

Organizations that define these boundaries before deployment avoid agents that either autonomously do things they should not, or agents that escalate everything because no one thought through where the lines are.

Checklist Items:

• Escalation scenarios have been defined: which situations require a human before the agent takes action

• The handoff mechanism is configured (queue routing, case assignment, notification triggers)

• Response SLAs for human-escalated items have been set and communicated to relevant teams

• There is a monitoring process for identifying patterns in agent escalations post-deployment

• Staff who receive escalated agent handoffs have been trained on what to expect and how to respond

8. Org Health and Technical Debt

This is the readiness domain that does not appear in any vendor presentation and that organizations are most reluctant to discuss honestly. Every Salesforce org accumulates technical debt over time. Unused custom objects. Apex code that nobody on the current team wrote or fully understands. Permission sets granted years ago that have never been audited. Validation rules that were disabled as a temporary fix and never re-enabled. Adding an AI layer on top of a fragile foundation does not stabilize the foundation. It amplifies whatever is already there—including the instability.

Checklist Items:

• A Salesforce Health Check score of 80 or higher (or a plan to address identified gaps before deployment)

• Apex code coverage is at or above 75% for classes related to agent-adjacent functionality

• Governor limit violations in the past 90 days have been investigated and addressed

• Inactive users have been deactivated and their record ownership transferred appropriately

• Storage utilization is not approaching limits that could affect agent-created record volumes

Industry-Specific Considerations

The eight domains above apply universally. But each industry brings additional readiness considerations that are worth calling out directly.

Wealth Management

Regulatory context is the defining consideration. Agentforce agents in wealth management operate in an environment shaped by fiduciary obligations, suitability requirements, and communication compliance standards. The most immediately useful agents—those that surface client insights, flag portfolio drift, or draft outreach—also carry the highest compliance exposure if they surface the wrong information or communicate in ways that imply a recommendation.

Readiness in this context means close coordination between IT, compliance, and legal before any agent touches client-facing workflows. It also means understanding how your firm's existing oversight frameworks—review queues, supervision logs, communication archiving—apply to AI-generated or AI-assisted outputs.

Insurance

Insurance operations are particularly well-suited for Agentforce because of the high volume of structured, repeatable interactions—intake, triage, status updates, documentation requests. But that same structure means that errors propagate consistently and at scale. A misrouted claim handled by a human is an exception. The same logic error in an agent is a pattern.

Readiness here means investing heavily in data quality for policy and claimant records, ensuring your claims and policy objects in Salesforce are clean enough to be trusted for automated decision inputs, and defining clear containment protocols for the agent interactions that should always trigger human review.

Nonprofit

Nonprofits face a different set of readiness challenges than their enterprise counterparts: leaner technical teams, constituent data that is often volunteer-maintained, and Salesforce orgs that have sometimes been configured piecemeal over years of staff turnover. The opportunity with Agentforce is significant—agents that engage lapsed donors, answer program inquiries, or coordinate volunteer scheduling can radically extend the capacity of small teams.

The readiness work for nonprofits often starts with constituent data hygiene and knowledge content creation. If your Knowledge base is empty or your donor records have significant gaps in key fields, those are the most impactful investments to make before any agent configuration begins.

Interpreting Your Results

After working through the checklist, most organizations land in one of three places.

Mostly Checked: Deploy with Confidence

Your org has the foundation Agentforce needs to deliver on its potential. Focus your pre-deployment work on defining agent scope clearly, designing human escalation protocols, and establishing baseline metrics to measure agent performance against.

Mixed Results: Deploy Narrowly While Closing Gaps

This is where most organizations land, and it is a perfectly viable position. Identify which domains are solid and scope your first agent deployment to work primarily within those. A well-contained initial deployment—perhaps an internal service request agent that does not touch regulated client data—lets you build team confidence and operational familiarity while the higher-risk gaps get addressed in parallel.

Significant Gaps: Invest in the Foundation First

This is not bad news—it is valuable intelligence. Organizations that discover foundational gaps before deployment avoid far more expensive remediation after it. The work ahead is org hardening: data cleanup, automation consolidation, schema rationalization. These investments pay dividends beyond Agentforce; they make the entire Salesforce implementation more reliable and easier to maintain.

The Question Behind the Checklist

Every item on this checklist reflects a single underlying question: Do you trust your Salesforce org enough to let AI act on it autonomously? That is a different question than 'Is our Salesforce good enough for our team to use every day?' Humans tolerate incomplete data, navigate around broken automation, and apply judgment to compensate for system limitations. Agents act on what is there.

The organizations that will get the most out of Agentforce are not necessarily those with the most sophisticated configurations. They are the ones with the most honest relationship with their own data and infrastructure—who know what their org can support and who have closed the gaps between their current state and the foundation a reliable AI layer requires. The checklist is not a prerequisite for curiosity or experimentation. Sandboxes exist for a reason. But for production deployments—agents that touch real clients, real policies, real donors—readiness is not optional. It is the entire game.

Getting Started

Start with an honest internal conversation using this checklist as the agenda. Bring your Salesforce admin, your data steward if you have one, your compliance lead, and whoever owns your core business processes into the same room.

\Work through each domain. Rate yourselves and don't be afraid to disagree with each other—that's usually where the most important insights surface. Document the gaps you identify and assign owners to each one before deciding which agent use case is the right starting point given your readiness profile. Not the most impressive use case or one that will generate the most internal excitement—the one where your foundation is strong enough that the agent can actually succeed and where that success will build the momentum and institutional confidence to go further. Agentforce is a genuine step-change in what Salesforce can do for your organization. Getting the foundation right is what turns that potential into outcomes you can depend on.

Partner with Ohana Focus

Prepare your Salesforce org for the AI era with expert guidance.

Schedule your free consultation today.

Ohana Focus specializes in helping organizations across wealth management, insurance, and nonprofit sectors build the Salesforce foundations that AI requires. We conduct readiness assessments, close data and architecture gaps, and guide teams from initial configuration through confident production deployment. We bring:

• Agentforce readiness assessments tailored to your industry

• Data quality and schema remediation services

• Security model and permissions design for AI agent contexts

• Escalation and oversight framework design

• End-to-end deployment support from sandbox to production

About Ohana Focus

Ohana Focus is a certified Salesforce consulting partner dedicated to helping organizations harness the full potential of their Salesforce investment. We believe AI works best when it is built on a foundation of clean data, clear processes, and intentional architecture. Our team brings deep expertise in Salesforce platform health, Agentforce readiness, and industry-specific compliance contexts across wealth management, insurance, and the nonprofit sector.