PLUTO Portfolio Dashboard

A calm summary of modeled exposure, residual risk, active validation, and treatment execution.

The PLUTO lifecycle runs through cases, scenarios, assumptions, business input, analysis, risk items, treatment plans, objectives, work items, and evidence.
Modeled Exposure: $7.2M (across healthcare scenarios). Total estimated annual loss before treatment across modeled risk items. How calculated: sum of Expected Annual Loss across risk items in the current scope.

Residual Exposure: $3.9M (after active treatment plans). Estimated annual loss remaining after treatment effects are applied. How calculated: sum of Residual Expected Loss after treatment effects are applied.

Planned Reduction: $2.4M (objectives in flight). Expected reduction from objectives in flight or planned. How calculated: sum of Expected Risk Reduction across planned and active objectives.

Completed Reduction: $910K (evidence-backed this quarter). Expected reduction from completed objectives with supporting status or evidence. How calculated: sum of Expected Risk Reduction for completed objectives.
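The four cards above are sums over risk items and objectives, filtered by status. The block below is an added worked example, not PLUTO's own code, that implements those definitions on constructed data. The figures echo this page but the scope differs, so the totals do not reproduce the dashboard's $7.2M and $3.9M. Two points are this example's assumptions: objectives with any status other than Complete (including Blocked and In Review) count toward Planned Reduction, matching the Active Objectives card, and a completed objective counts toward Completed Reduction only once its linked evidence is Reviewed, which is one reading of "completed objectives with supporting status or evidence" and of the ask to require evidence before residual risk is recalculated. The two objective names marked "constructed" do not appear on the page.

```python
"""Added example, not PLUTO's own code: roll up the dashboard cards from risk items
and objectives.  All data below is constructed for the example."""

from dataclasses import dataclass


@dataclass
class RiskItem:
    name: str
    expected_annual_loss: float  # dollars/year before treatment
    treatment_effect: float      # fraction of EAL removed by the active treatment plan, 0..1


@dataclass
class Objective:
    name: str
    risk_item: str
    expected_reduction: float    # dollars/year
    status: str                  # Planned, Active, In Review, Blocked, Complete
    evidence_status: str         # None, Requested, Submitted, Reviewed


# Assumption of this example: a completed objective contributes to Completed Reduction
# only when its linked evidence has been reviewed, not merely submitted.
EVIDENCE_THAT_SUPPORTS_COMPLETION = {"Reviewed"}

# Constructed sample data (treatment effects chosen for the example, not taken from the page).
ITEMS = [
    RiskItem("EHR downtime from ransomware", 4_600_000, 0.50),
    RiskItem("PHI exposure from account compromise", 1_800_000, 0.0),  # treatment plan still Draft
    RiskItem("Third-party billing vendor breach", 1_200_000, 0.25),
]
OBJECTIVES = [
    Objective("Complete restore test for Tier 1 clinical systems",
              "EHR downtime from ransomware", 780_000, "Active", "Reviewed"),
    Objective("Validate downtime workflow coverage by department",
              "EHR downtime from ransomware", 410_000, "In Review", "Submitted"),
    Objective("Confirm vendor incident communication SLA",
              "Third-party billing vendor breach", 260_000, "Blocked", "Requested"),
    Objective("Recovery runbook signoff (constructed)",
              "EHR downtime from ransomware", 910_000, "Complete", "Reviewed"),
    Objective("Vendor contact matrix (constructed)",
              "Third-party billing vendor breach", 180_000, "Complete", "Submitted"),
]


def residual_expected_loss(item: RiskItem) -> float:
    """'Expected Annual Loss reduced by modeled treatment effect.'"""
    return item.expected_annual_loss * (1.0 - item.treatment_effect)


def rollup(items, objectives):
    """Compute the dashboard cards from the item and objective lists."""
    complete = [o for o in objectives if o.status == "Complete"]
    in_flight = [o for o in objectives if o.status != "Complete"]  # planned, active, blocked
    supported = [o for o in complete if o.evidence_status in EVIDENCE_THAT_SUPPORTS_COMPLETION]
    return {
        "modeled_exposure": sum(i.expected_annual_loss for i in items),
        "residual_exposure": sum(residual_expected_loss(i) for i in items),
        "planned_reduction": sum(o.expected_reduction for o in in_flight),
        "completed_reduction": sum(o.expected_reduction for o in supported),
        "active_objectives": len(in_flight),
        "blocked_objectives": sum(1 for o in in_flight if o.status == "Blocked"),
        # completed objectives whose reduction is withheld until their evidence is reviewed
        "completed_without_reviewed_evidence": [o.name for o in complete if o not in supported],
    }


if __name__ == "__main__":
    for key, value in rollup(ITEMS, OBJECTIVES).items():
        print(f"{key}: {value:,.0f}" if isinstance(value, (int, float)) else f"{key}: {value}")
```

On the constructed data the completed reduction is $910K while the vendor contact matrix objective, although marked Complete, is held out of the total and reported separately because its evidence is only Submitted; that held-out list is the practical output of the evidence gate.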

Top Healthcare Risk Items

Finalized and in-progress scenarios sorted by exposure, maturity, and treatment status.

Risk Item | Case | Exposure | Confidence | Owner | Maturity
EHR downtime from ransomware disrupts clinical operations | EHR downtime review | $4.6M | High | Clinical Ops | Level 3
PHI exposure from account compromise triggers breach response | Identity and PHI exposure review | $1.8M | Medium | Privacy Office | Input Requested
Medical device segmentation gap creates operational risk | Clinical engineering network review | $820K | Low | Clinical Engineering | Level 1
Third-party billing vendor breach delays revenue operations | Vendor incident exposure review | $1.2M | Medium | Revenue Cycle | Level 2

Business Input and Work Status

Open validation requests and treatment objectives that need attention.

Validate EHR downtime duration assumption. Requested from: Clinical Operations. Due May 17. Status: Sent.

Complete quarterly restore test for Tier 1 clinical systems. Owner: Infrastructure. Evidence required. Expected reduction: $780K/yr.

Document manual downtime workflow coverage by department. Owner: Emergency Management. Due May 31. Expected reduction: $410K/yr.

Executive Reports

Leadership-ready outputs generated from validated scenarios and active treatment work.

EHR downtime executive risk summary. Shows exposure, confidence, treatment decision, required evidence, and residual risk. Maturity: Level 3. $2.1M residual.

Third-party billing vendor exposure brief. Shows vendor breach exposure, revenue impact assumptions, treatment path, and evidence gaps. Maturity: Level 2. $1.2M modeled.
PLUTO Executive Risk Summary

EHR downtime review

A ransomware event prevents reliable access to the EHR, forcing manual downtime procedures and delaying clinical operations.

Expected Annual Loss: $4.6M. Estimated annualized loss before treatment. How calculated: event frequency x success probability x loss magnitude.

Residual Expected Loss: $2.1M. Estimated annualized loss after treatment. How calculated: Expected Annual Loss reduced by modeled treatment effect.

P95 Loss: $8.9M. High-end modeled loss estimate. How calculated: the 95th percentile of modeled loss outcomes.

Completed Reduction: $910K. Expected reduction from completed linked objectives. How calculated: sum of expected reduction for linked objectives marked complete.

Scenario and Impact

Threat event: ransomware disrupts access to core clinical systems.

Affected process: patient care coordination, emergency department intake, inpatient documentation, and recovery operations.

Control weakness: restore testing and downtime workflow validation are not yet consistent across critical departments.

Treatment Position

Decision: Mitigate.

Rationale: reduce downtime duration and recovery uncertainty through restore testing, downtime workflow signoff, and monitoring improvements.

Key Assumptions

Clinical downtime duration - Medium confidence, validation requested from Clinical Operations.

Recovery labor cost - High confidence, validated by Infrastructure.

Manual workflow coverage - Medium confidence, evidence still required.

Work Status

1 completed objective.

2 active objectives.

1 blocked objective awaiting business validation.

3 work items tracked.

Evidence Summary

2 evidence items collected.

Restore test summary reviewed; downtime workflow signoff packet submitted.

Decision / Ask

Approve the treatment path, assign owners for outstanding validation, and require evidence before residual risk is recalculated.

PLUTO Executive Risk Summary

Third-party billing vendor exposure brief

A billing operations vendor experiences a security incident that interrupts claims processing, delays revenue workflows, and creates privacy review obligations.

Expected Annual Loss: $1.2M. Estimated annualized loss before treatment. How calculated: event frequency x success probability x loss magnitude.

Residual Expected Loss: $720K. Estimated annualized loss after treatment. How calculated: Expected Annual Loss reduced by modeled treatment effect.

P95 Loss: $3.4M. High-end modeled loss estimate. How calculated: the 95th percentile of modeled loss outcomes.

Completed Reduction: $180K. Expected reduction from completed linked objectives. How calculated: sum of expected reduction for linked objectives marked complete.

Scenario and Impact

Threat event: third-party vendor breach or outage impacts billing operations.

Affected process: claims submission, payment posting, patient billing support, and privacy review.

Control weakness: vendor incident response expectations, evidence requirements, and alternate processing workflows are not fully validated.

Treatment Position

Decision: Mitigate.

Rationale: reduce revenue interruption and response uncertainty through vendor SLA validation, alternate workflow testing, and evidence-backed tabletop review.

Key Assumptions

Claims processing interruption - Medium confidence, validation requested from Revenue Operations.

Vendor notification timing - Low confidence, contract evidence still required.

Privacy review effort - Medium confidence, estimate provided by Privacy Office.

Work Status

0 completed objectives.

3 active objectives.

1 blocked objective awaiting vendor documentation.

4 work items tracked.

Evidence Summary

1 evidence item collected.

Vendor contact matrix submitted; contract SLA and alternate workflow test evidence still required.

Decision / Ask

Approve vendor response validation, assign revenue operations owner, and require SLA evidence before moving this brief to executive-ready status.

Active Objectives: 9 (across treatment plans). Objectives not yet marked complete across active treatment plans. How calculated: count of linked objectives with status other than Complete.

Blocked Work: 2 (evidence or owner needed). Work items that need evidence, owner input, or dependency resolution. How calculated: count of work items with Blocked status.

Due This Month: 5 (priority work items). Priority work items with due dates in the current month. How calculated: count of open work items due within this calendar month.

Work Queue

Risk-derived work items with owners, expected reduction, and status.

Complete restore test for Tier 1 clinical systems. Owner: Infrastructure. Evidence: restore report and screenshots. Status: Active. Expected reduction: $780K/yr.

Validate downtime workflow coverage by department. Owner: Emergency Management. Linked to EHR downtime scenario. Status: In Review. Expected reduction: $410K/yr.

Confirm vendor incident communication SLA. Owner: Vendor Management. Evidence still required. Status: Blocked. Expected reduction: $260K/yr.

Cases

Parent workspaces for investigations, business concerns, and risk programs.

EHR downtime review. Business owner: Clinical Operations. Security owner: Infrastructure Security. High / Active.

Identity and PHI exposure review. Business owner: Privacy Office. Security owner: IAM. Medium / Review.

Vendor incident exposure review. Business owner: Revenue Cycle. Security owner: Third Party Risk. High / Active.

Scenarios

Drafts ready for assumptions, business validation, and analysis.

Ransomware disrupts EHR access. Clinical downtime, recovery effort, delayed care coordination, and response cost. Level 3, $4.6M.

Compromised account exposes PHI. Investigation cost, notification obligations, legal review, and operational disruption. Input Requested, $1.8M.

Assumptions

Inputs, ranges, sources, confidence, and validation state behind every modeled output.

Assumption | Type | Range | Source | Confidence | Validation
Time impact estimate | Time Impact | 8-36 hours | Clinical Ops validation | Medium | Requested
Loss magnitude estimate | Loss Magnitude | $120K-$440K | Finance validation | High | Validated
Frequency estimate | Frequency | 0.1-0.4 events/year | Security and ops input | Medium | Needs Validation
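The report cards define Expected Annual Loss as event frequency x success probability x loss magnitude, P95 Loss as the 95th percentile of modeled loss outcomes, and Residual Expected Loss as the EAL reduced by the treatment effect, but the page does not show how range inputs like the ones in this table become a single figure. The block below is an added example, not PLUTO's model. It samples the frequency and loss-magnitude ranges from the table (uniformly within each range, which is this example's choice), draws the number of attempted events per year from a Poisson distribution, and applies an assumed success-probability range of 0.5-0.9 that the page does not list; the time-impact row is not used. The resulting figures belong to these inputs and are not the $4.6M or $8.9M shown for the EHR scenario.

```python
"""Added example, not PLUTO's model: Monte Carlo reading of the Expected Annual Loss,
P95 Loss and Residual Expected Loss definitions using the Assumptions table ranges."""

import math
import random

# Ranges from the Assumptions table; sampling uniformly within them is this example's choice.
ASSUMPTIONS = {
    "frequency": (0.1, 0.4),               # events/year, "Security and ops input"
    "loss_magnitude": (120_000, 440_000),  # dollars per successful event, "Finance validation"
    "success_probability": (0.5, 0.9),     # ASSUMED for the example; not listed on the page
}


def point_estimate_eal(a=ASSUMPTIONS):
    """Deterministic 'frequency x success probability x loss magnitude' at range midpoints."""
    mid = lambda r: (r[0] + r[1]) / 2.0
    return mid(a["frequency"]) * mid(a["success_probability"]) * mid(a["loss_magnitude"])


def _poisson(rng, lam):
    """Knuth's Poisson sampler; adequate for the small rates used here."""
    limit, k, prod = math.exp(-lam), 0, rng.random()
    while prod > limit:
        k += 1
        prod *= rng.random()
    return k


def simulate(a=ASSUMPTIONS, treatment_effect=0.0, trials=20_000, seed=7):
    """Simulate `trials` years.  Each year: draw a frequency and a success probability,
    draw attempted events from Poisson(frequency), keep each attempt with the success
    probability, and add one loss magnitude per successful event.  Returns the EAL,
    the P95 loss, the residual EAL after the treatment effect, and the share of
    loss-free years (which explains why P95 can sit far above the mean)."""
    rng = random.Random(seed)
    losses = []
    for _ in range(trials):
        lam = rng.uniform(*a["frequency"])
        p = rng.uniform(*a["success_probability"])
        year = 0.0
        for _ in range(_poisson(rng, lam)):
            if rng.random() < p:
                year += rng.uniform(*a["loss_magnitude"])
        losses.append(year)
    losses.sort()
    eal = sum(losses) / trials
    return {
        "expected_annual_loss": eal,
        "p95_loss": losses[int(0.95 * trials)],   # 95th percentile of modeled annual outcomes
        # "Expected Annual Loss reduced by modeled treatment effect"
        "residual_expected_loss": eal * (1.0 - treatment_effect),
        "share_of_years_with_no_loss": sum(1 for x in losses if x == 0.0) / trials,
    }


if __name__ == "__main__":
    print(f"point estimate EAL: ${point_estimate_eal():,.0f}")
    for key, value in simulate(treatment_effect=0.40).items():
        print(f"{key}: {value:.3f}" if value < 1.0 else f"{key}: ${value:,.0f}")
```

With these ranges most simulated years carry no loss at all, so the P95 is a single-event loss several times the expected annual figure; that gap is what the P95 card is there to expose, and it is also why the residual figure (a scaled mean) says nothing about the tail until the treatment's effect on frequency or magnitude is modeled explicitly.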

Business Input Requests

Targeted validation requests for stakeholders who know the impact details.

Validate clinical downtime duration. Recipient role: Clinical Operations. Due May 17. Status: Sent.

Confirm revenue cycle interruption cost. Recipient role: Revenue Operations. Due May 20. Status: Draft.

Scenario Analysis

Save or update the scenario's modeled exposure, residual loss, and treatment value.

Risk Items

Finalized modeled risks with treatment decision, confidence, and residual exposure.

EHR downtime from ransomware. Treatment decision: Mitigate. Confidence: High. $4.6M, Active.

PHI exposure from account compromise. Treatment decision: Mitigate. Confidence: Medium. $1.8M, Review.

Treatment Plans

Approved responses with rationale, cost, expected reduction, and owner.

Improve clinical-system recovery assurance. Strategy: Mitigate. Rationale: reduce downtime duration and recovery uncertainty. $1.9M expected reduction. Status: Approved.

Tighten privileged access monitoring. Strategy: Mitigate. Rationale: lower likelihood of PHI exposure through account misuse. $640K expected reduction. Status: Draft.

Objectives

Risk-reduction outcomes with owners, due dates, effort, confidence, and evidence needs.

Complete restore test for Tier 1 clinical systems. Owner: Infrastructure. Due May 24. Expected reduction: $780K/yr.

Validate downtime workflow coverage by department. Owner: Emergency Management. Due May 31. Expected reduction: $410K/yr.

Work Items

Assigned security work derived from approved objectives and risk-reduction theses.

Run restore test in non-production recovery environment. Assignee: Infrastructure Analyst. Due May 21. Status: Active.

Collect department downtime signoff artifacts. Assignee: Emergency Management Coordinator. Due May 28. Status: In Progress.

Update escalation checklist for clinical-system outage. Assignee: Incident Response Lead. Due June 4. Status: Not Started.

Evidence

Artifacts that prove completion and support residual risk recalculation.

Restore test summary. Linked to restore testing objective. Status: Reviewed.

Downtime workflow signoff packet. Linked to departmental workflow validation. Status: Submitted.

Privileged access alert tuning evidence. Linked to account compromise treatment plan. Status: Requested.