Which is a best practice regarding FF Permission Sets/Groups?

Cloning out-of-the-box (OOTB) Permission Sets and Groups is a recognized best practice because it allows administrators to retain the original settings and functionality of the OOTB permissions while customizing them for specific needs. By cloning, you create a new version that can be modified without affecting the core permissions that come with the application. This approach preserves the integrity of the system and reduces the risk of inadvertently introducing errors or losing critical functionality in OOTB permission sets.

Additionally, maintaining the original OOTB permission sets ensures that if there are updates or changes in future releases of the software, administrators can easily refer to the standard permissions without the need to reverse any custom modifications. It promotes a clean and manageable permission structure, aiding in troubleshooting and compliance.

Using individual Permission Sets, solely creating new Permission Groups, or editing OOTB Permission Sets compromises best practices as they can lead to complexity, loss of functionality, or difficulties in management and maintenance over time. Cloning provides the flexibility needed while still adhering to a structured approach to permissions.