Resource Registry Project Update
This article applies to: Cornell IT Resource Registry
About the Project
Following consensus reached by CIT Directors and internal stakeholders, CIT and Custom Development created the first release of the Resource Registry to establish a baseline web application inventory as well as to replace CIT's current IT Portfolio application.
Lessons learned from this internal adoption will refine the product to make it suitable for a gradual university-wide rollout.
Phase 1
CIT's internal IT Portfolio tool was selected to first adopt the Resource Registry. Data from the IT Portfolio helped shape website infrastructure and operational capabilities, as well as lay the groundwork for a unified web-app inventory. CIT Service Management implemented the Resource Registry in February 2026.
Phase 2
Resource Registry integrates with Shibboleth to expand the service to the CIT systems. This will allow developers who use Shibboleth for web-based applications to integrate with the Registry. Full production for phase 2 is expected to be completed in July 2026.
Ongoing
Proof-of-concept has been successfully conducted with Resilient Cornell to support the recommendation that the Resource Registry will be used at the Cornell campus for the custom application inventory of a broad array of over 2,000 NetID-protected web applications at the university. Development also continues to integrate the Resource Registry with Secure Connect.
Based on original discovery efforts for this project, this means that for all applications, key constituents will understand, record, and/or assign:
- ownership
- purpose
- mission criticality
- data sensitivity
- location
- security risks (including data risk)
- security controls (implementing risk-appropriate controls consistent with its security status)
- life cycle stage
Related Projects
Secure Connect
The Secure Connect passkey program aims to significantly reduce the likelihood of a password compromise impacting sensitive systems. The Resource Registry will help Cornell meet this goal with the data provided by service owners and system creators.
Cornell Experience Modernization Initiative (CEMI)
As part of CEMI, an analysis is being done to understand why gap applications (programs created to fill niche needs) arose at the university. The Resource Registry can support CEMI's ongoing analysis of this essential and complex web of internally developed systems that are increasingly difficult to maintain and secure.
Comments?
To share feedback about this page or request support, log in with your NetID