Redirecting to default login... Maintaining Application Data in ATLAS – Mobility Center of Excellence Team Website

How to Maintain Application Data in ATLAS

September 2022: Article by Daniel Sou, Sr IT Consultant, HP BIO TIM MGMT

ATLAS Release NotesATLAS Job Aids and FAQsApplication Support Requests


All applications across Kaiser must be registered in the Application Technology Lifecycle and Analysis System (ATLAS), the system of record for KP applications. ATLAS provides visibility into the technology running on KP’s network, increasing operational efficiency and protecting sensitive data.

Why do I need an application in ATLAS?

The data in ATLAS is used for a variety of Kaiser initiatives. ATLAS data supports work such as: emergency preparedness, Application Lifecycle Management (ALM), Cloud Suitability Assessment (CSA), incident response patch management, workload mobility, leadership decision making and much more. This makes the accuracy of data in ATLAS incredibly important.

Kaiser Permanente currently supports over 2,000 applications across its organizational reach.  Applications can be supported by IT, vendors, or by various program office and business owners.  It is imperative to gain visibility across the application portfolio in order to manage our applications and data, and to mitigate security and compliance risk.  ATLAS provides a central repository of our application’s information to improve visibility across our applications portfolio. 

Applications are functional, integrated IT solutions that has been configured to meet Kaiser Permanente-specific requirements for end users.

Applications have one or more of following characteristics:

  • Stores sensitive information
  • Poses a security or compliance risk
  • Supported by KP resources
  • Follows an application lifecycle

Applications tracked in ATLAS include:

  • Corporate systems (e.g. OneLink)
  • Care Delivery Applications (e.g. KP HealthConnect)
  • Data Marts (e.g. KP Insight, Claims Data Warehouse)
  • ClinTech / Edge Applications (not devices) 
  • RPA/BOTs 
  • Executive dashboards (e.g. OHIP heatmap)
  • Dynamic Websites (e.g. Kp.org)
  • AI/ML (potential future state)
  • SaaS Applications (e.g. Salesforce)

If there is no ATLAS record, the Technology Risk Office will not perform their assessment of a mobile app during the MCoE certification process.

How do I submit a request?

You can submit an Application Support Request in ServiceNow to request a variety of services including:

  • Access Support
  • Ad Hoc Reports Request
  • Application Management Process Consulting (including consultation on creation of an application record)
  • Data Updates
  • General Consult
  • Small Enhancement Request

For more information see How To: Submit a Request for ATLAS.

How do I access ATLAS?

Everyone in the organization with an SSO login has Limited Viewer access in ATLAS. If you are responsible for creating and/or maintaining applications, you need to request Application Steward access. For more information, see How To: Request Access.

Training is required for all users requesting read/write access in ATLAS. Training is available in KP Learn:

  • For Enhanced Viewer access complete the course “ATLAS User Experience Basics” (Class ID: 00789547)
  • In addition, for Application Steward access complete the course “ATLAS Update Application” (Class ID: 00789547)

How do we keep information in ATLAS current and accurate?

To help our application teams stay on top of the necessary updates, the ATLAS application validation workflow process was implemented to routinely review application information and maintain data accuracy and quality over time. 

Every 180 days (6 months) application teams are required to perform attestations for the validity of the application(s)’ data. This process is intended to ensure that at any given time, we know where our assets are located and who owns and utilizes those assets.

Unlike other validations or “attestations”, this workflow does not allow users to skip steps or ignore missing information by requiring, at a minimum:  

  • Review and replacement of inactive contacts related to the application
  • Review of software components and the versions used by the application to function (assists with ALM planning)
  • Review of servers associated to each of the deployments which are used/no longer used, assisting in ILM planning
  • Review or addition of missing application-managed databases
  • Review of application status to determine if an update is needed

Executive dashboards have been developed to track completion of validation for each application. Applications that have not completed validation within 30 days of the due date are escalated to the appropriate teams/leaders until completed. These steps are vital to ensuring high-quality data about our technology environment.

Who is responsible for this data and how can you help?

Maintaining data quality is the responsibility of every team that supports an application in ATLAS, however, if you identify an issue (and do not have the ability to update), it is your responsibility to work with the application team to correct the data. In doing so, the next person accessing the data will have the most accurate and up-to-date information possible, which may be just the thing that saves Kaiser and its members the pain of a security vulnerability. We all have a role to play in maintaining good ATLAS data quality.

For more information about ATLAS and how you can help ensure accurate data, please visit the ITSS Portal.

© 2022 Kaiser Permanente

——————
For questions or feedback about this article reach us at MCoE-Comms@kp.org.
Visit the MCoE newsletter archives or tech news archives. Email MCoE-Comms@kp.org to subscribe to our newsletter.

Leave a Reply