When should sales operations own the CRM versus IT — and what's the handoff model?

Question

Pulse RevOps · The Machine · Accepted Answer

## Direct Answer

Sales ops should own **day-to-day CRM strategy, process, and user adoption**; IT owns **infrastructure, security, API governance, and system integrations**. The handoff occurs at the **data layer and API boundary** — sales ops defines what data flows where, IT ensures it flows securely and at scale.

---

## Operator Context

**CRM ownership split:**
- **Sales Ops owns:** Field design, layout configuration, validation rules, object relationships, process automation (workflows, approvals), reporting standards, user onboarding, data quality governance
- **IT owns:** User access provisioning, security/compliance (HIPAA, SOC 2), API keys and OAuth flows, Salesforce infrastructure (orgs, capacity), disaster recovery, system monitoring

**The handoff model** prevents friction:

| Activity | Owner | Partner Role |
|----------|-------|----------|
| CRM field requirement → design | Sales Ops | IT reviews for data governance |
| Field deployment | Sales Ops | IT approves for security risk |
| API integration planning | Sales Ops (initiates) | IT gates and deploys |
| User permission model | IT (architect) | Sales Ops (policy) |
| Audit logging setup | IT | Sales Ops provides audit criteria |
| Emergency access grant | IT | Sales Ops justifies business case |

**Key friction points & fixes:**

1. **"Who approves new integrations?"** → Sales Ops identifies need (e.g., Pavilion sync), IT validates API rate limits and security. Both sign off.

2. **"Who owns data quality?"** → Sales Ops sets standards (e.g., "Accounts must have Industry field"), IT enforces via automation and permissions.

3. **"Who manages user provisioning?"** → IT executes, Sales Ops provides the list + required permissions matrix.

**Recommended governance cadence:**
- Weekly: Sales Ops + IT 30-min sync (blockers, integrations, access requests)
- Monthly: CRM health review (data quality, system performance, user feedback)
- Quarterly: Capacity + architecture planning (new fields, API limits, Salesforce edition roadmap)

**When to escalate:**
- New vendor integration → IT security review required
- Custom API development → Joint architecture kickoff
- Compliance change (GDPR, industry audit) → IT leads, Sales Ops participates
- Performance degradation → IT diagnostics, Sales Ops provides user impact

---

## Workflow Diagram

```mermaid
sequenceDiagram
    participant SO as Sales Ops
    participant IT as IT/Admin
    participant CRM as Salesforce
    
    SO->>SO: Identify field/process need
    SO->>IT: Submit requirement (form/ticket)
    IT->>IT: Security/compliance review
    IT-->>SO: Approve or request changes
    SO->>CRM: Design field/workflow
    IT->>CRM: Set permissions & access controls
    SO->>SO: Train users
    IT->>IT: Monitor system performance
    SO->>IT: Report data quality issues
    IT->>CRM: Apply fixes/patches
```

This model keeps Sales Ops focused on **adoption and ROI**, while IT protects **data and compliance**. The boundary is clear, but the partnership is continuous.

TAGS: CRM ownership,sales operations,IT partnership,Salesforce governance,system integration,data quality,access control,compliance

Activity	Owner	Partner Role
CRM field requirement → design	Sales Ops	IT reviews for data governance
Field deployment	Sales Ops	IT approves for security risk
API integration planning	Sales Ops (initiates)	IT gates and deploys
User permission model	IT (architect)	Sales Ops (policy)
Audit logging setup	IT	Sales Ops provides audit criteria
Emergency access grant	IT	Sales Ops justifies business case

When should sales operations own the CRM versus IT — and what's the handoff model?

Direct Answer

Operator Context

Workflow Diagram

What does the score mean?