Normally customization of CRM is conducted by two Security Roles: the System Administrator and System Customizer. Typically these Security Roles have privileges to perform all customization tasks. CRM allows for customizations to safely take place in production systems. Many administrators of CRM systems have delegated some basic customization tasks to other users.
Here is a suggested ‘privilege update’ for the Sales Manager:
Now the Sales Manager Security Role can Create and Update Entities, Attributes and Relationships. However they cannot delete any customizations. I strongly recommend that you do not allocate the Delete privilege to end users. It’s one thing to let end users add some new attributes it’s another thing to let them delete stuff!