CRM Audit Checklist

Run Klaviyo's duplicate-profile finder and merge by email-as-primary-identifier. Watch for profiles created from Shopify checkout (email lowercase) versus pop-up forms (email mixed case) — same person, two profiles, split history. Document any merges that affect VIP segment membership.

Pull the last 30 days of campaign and flow sends. Flag any send with bounce rate > 2%, complaint rate > 0.1%, or open rate sharply below the rolling baseline (likely Apple MPP noise vs. real engagement drop). Confirm DKIM, SPF, and DMARC are still aligned in the sending domain settings.

Soft bounces older than 90 days that have since shown engagement are candidates for re-activation. Hard bounces and unsubscribes stay suppressed. Don't blanket-clear suppressions — that's the fastest path to a sender-reputation crash and a Gmail spam-folder placement.

Confirm VIP thresholds (e.g., $500 LTV / 3+ orders) still match this year's AOV. Static thresholds set 18 months ago drift as pricing changes. Cross-check segment counts against last quarter — a 40%+ swing usually means a definition or sync problem, not real customer behavior.

Place a real test order halfway through checkout, abandon, and confirm the trigger fires within the configured delay. The race condition to watch for: customer completes checkout while the abandonment email is queued — Klaviyo's 'Placed Order since starting flow' filter must be set on every message, not just the first.

Sample 10 recent orders and confirm the post-purchase flow branched to the correct product-specific path (review request, replenishment reminder, cross-sell). SKU-renames in Shopify often break conditional splits silently.

Pull customers whose last purchase was 90, 180, and 365 days ago. Confirm each cohort lands in the right winback flow with offer escalation that matches margin tolerance. A 30% off winback to a customer who already bought at 30% off is margin-destroying.

Create a test Shopify customer and a test order; confirm the profile, order events, and product properties land in Klaviyo within 5 minutes. Repeat for a guest checkout — guest-to-known-profile linking is where most syncs silently lose data.

Open 5 recent Gorgias tickets and confirm each shows Shopify order history and Klaviyo profile in the customer sidebar. Missing context here is the #1 reason CX agents send canned replies that don't match the customer's actual order status.

Confirm 'Reviewed Product' events flow back to Klaviyo with star rating and product. This drives the 1-star-review apology flow and the 5-star-reviewer referral ask — both of which break silently when Yotpo updates its API version.

Check the integrations dashboard for any source showing 'last sync' > 24 hours ago or any webhook with a failure rate above 1%. A stalled integration looks identical to 'no activity' in the UI — confirm by event count, not by absence of error banner.

Sample 25 SMS subscribers and confirm each has a captured opt-in source, timestamp, and the disclosure language that was shown at the time. Missing express-written-consent records are a per-message TCPA exposure ($500-$1,500 each). Postscript and Attentive both expose this in subscriber detail.

Send a test, unsubscribe, and confirm removal across all lists within 10 business days (CAN-SPAM ceiling). Confirm the physical postal address in the email footer is current. Confirm STOP keyword on SMS removes the subscriber from all SMS flows, not just the originating one.

Pull the DSAR log from the past quarter. Each request needs evidence of fulfillment within 30 days (GDPR) or 45 days (CCPA). Confirm the 'Do Not Sell or Share' link on the storefront actually flows through to a suppression on Klaviyo, Meta CAPI, and any other audience partners.

Compare the privacy-policy retention schedule to actual data in the CRM. Customers who haven't engaged in 5 years still sitting in a marketable list is a common gap. Either the policy needs updating, or the data needs purging — pick one and align.

Klaviyo's attributed revenue should reconcile against Shopify total revenue within the configured attribution window (default 5-day click, 1-day open). Large variances usually mean a tracking gap — UTMs missing, cookie consent blocking, or the Shopify integration being out for a period (cross-reference with the integrations audit).

Confirm cohorted LTV in Lifetimely or Triple Whale matches a manual SQL pull within 2%. Confirm CAC includes platform fees, agency retainer, and creative production — not just media spend. Bad LTV/CAC numbers drive bad acquisition decisions for an entire quarter.