FUJ00121975
FUJ00121975
Page 1 of 1
Thomas Penny
From: —graham.c.ward:
Sent: Tuesday, May 25, 2004 10:55 AM
To: Fujitsu) = GRO
Ce: MitcheliWiliam .
Subject: Witness statement request & Forest
Penny
e Please supply a witness statement in respect of ARQ's 137 & 138 St Kew Highway. Usual
statement (all Para's aside K). This case is linked to ARQ's 231 - 233 incl (Carbis Bay) for
which Neneh has already supplied a statement (Sept 03). A crown court trial is scheduled for
w/c 4th Sept 04.
e In respect of Forest Gate - (and just to complicate matters), this case is also linked, to ARQ's
253, 254 & 284 (Eastern) for which we have received a statement from Neneh. Please check
that the data supplied for these ARQ's was complete. Our legal services have agreed that the
Forest Gate data can be supplied by Penny (and you may also need to re-create the Eastern
data depending on whether it was complete or not) with a supporting statement including an
explanation as to.how days were omitted from the original data supplied. This does not mean
that Neneh will not be required however as her statement has already been included in the
commital and it will be down to the Defence as to whether she is called or not. The trial for
this case is due to go ahead on the 21 June 04.
If there are any problems-please give me a call
Regards
Graham
FESSOR SGA IGG ISGG SIE BSIG AS GIEGE ICIS GO SGSIG OIA EAA I
This email and any attachments are confidential and intended for the addressee only. If you are not
the named recipient, you must not use, disclose, reproduce, copy or distribute the contents of this
communication. If you have received this in error, please contact the sender and then delete this
email from your system.
2 to lok i ek ok died foi tok i tok efor ak kak kkk ko ik kk kk ok kk dk a
I Now I Nov Oy
_
5/25/04
FUJ00121975
FUJ00121975
Page 1 of 2
we .
Thomas Penny
Penny / Pete
As outlined in my previous e mail Neneh has been called as a witness and whilst I am aware of her
circumstances, the defence may still insist on her attendance. Our legal Services Department will
write to the defence to ask whether an alternative witness can provide a statement producing copies
of the original data supplied. Whilst I would hope that they will have no objections, I cannot say for
definite until we have heard from them.
As soon as I get answer I will let you know. Providing this is acceptable to the defence we will just
need to mindful of providing the data and statement in a timely fashion so as to avoid any criticism
from the court.
Speak soon
Graham
----- Forwarded by Graham C Ward/e/POSTOFFICE on 17/05/2004 10:40 -----
Graham To: Thomas Penny <
CWard cc: Mitchell William! GRO
Subject: Witness - Neen require
13/05/2004
10:51
Penny
Neneh supplied a statement in Sept last year iro of ARQ's 198, 199 & 200 - Forest Gate. This case
has now been fixed for a trial at Kingston CC w/c 21/06/04. At this point all witnesses are fully
bound meaning Neneh is likely to be required. The statement included references to call logs to the
HSH. Can you please confirm as soon as possible whether Neneh can attend.
Regards
Graham
Casework Manager
Operations
Post Office Ltd Security
PO BOX 1
Croydon
CR9 1WN
STD Phone: {
5/18/04
FUJ00121975
FUJ00121975
Page 2 of 2
FEISS IG EEI AOC GOCE O IB GEEEI ECOG ECE IORI OIA RICE AE
This email and any attachments are confidential and intended for the addressee only. If you are not
the named recipient, you must not use, disclose, reproduce, copy or distribute the contents of this
communication. If you have received this in error, please contact the sender and then delete this
5/18/04
FUJ00121975
FUJ00121975
Page 1 of 2
Thomas Penny
From: Thomas Penny
Sent: Thursday, May 13, 2004 12:00
To: Mitchell William
Ce: Sewell Peter (FELO1)
Subject: FW: Witness - Neneh required
Importance: High
Hi
This request covers:-
198 14/10/02 to 13/11/02 31 old days
199 14/11/02 to 11/12/02 28 old days
200 12/12/02 to 8/1/03 22 old days and 6 new days
I spoke to Graham about re-creating this data and he said if that was what we wanted to do he would ask if
that was OK.
Please advise.
Penny
From: graham.c.ward
Sent: Thursday, May 1373004 11°
To: Thomas Penny
Ce: Mitchell William
Subject: Witness - Neneh required
Penny
Neneh supplied a statement in Sept last year iro of ARQ's 198, 199 & 200 - Forest Gate. This case
has now been fixed for a trial at Kingston CC w/c 21/06/04. At this point all witnesses are fully
bound meaning Neneh is likely to be required. The statement included references to call logs to the
HSH. Can you please confirm as soon as possible whether Neneh can attend.
Regards
Graham
Casework Manager
Operations
Post Office Ltd Security
PO BOX 1
Croydon
CR9 1WN
JESS SIGS OI IS ISR ISIGIEI SII SIGE SIGIIRICSIS ICICI ACI OGIO ISIS ISIS ICI IGG IACI IA I KE
This email and any attachments are confidential and intended for the addressee only. If you are not
5/18/04
FUJ00121975
FUJ00121975
—
Ci I
Witness Statement '
CJ Act 1967, s.9: MC Act 1980, ss.5A(3)(a) and 5B: MC Rules 1981,r.70) I
Statement of: Beatrice Neneh_Lowther.
Age if under 18: Over 18 (if over 18 insert ‘Over 18’)
Occupation: IT Security Analyst
This statement (consisting of 7 pages, each signed by me) is true to the best of my
knowledge and belief and I make it knowing that, if it is tendered in evidence, I shall be
liable to prosecution if I have wilfully stated in it anything I know to be false or do not
believe to be true.
Dated the 12th day of September 2003
Signature:
I have been employed by Fujitsu Services, Post Office Account, formally ICL Pathway Ltd., for 3 months
as an Information Technology (IT) Security Analyst responsible for audit data extractions and IT
Security. I have working knowledge of the computer system known.as Horizon, which is a computerised
accounting system used by Post Office Ltd. I am authorised by Fujitsu Services to undertake extractions
of audit data held on the Horizon system and to obtain information regarding system transaction
information processed on the Horizon system.
Within each Post Office, there are counter positions which each have a computer terminal, a visual
display unit and a keyboard and printer. This individual system records all transactions input by the
counter clerk working at that counter position. Each clerk logs on to the system by using their own
unique password. The transactions performed by each clerk, and the associated cash and stock level
information are recorded by the computer system in a stock unit. Once logged on, any transactions
performed by the clerk must be recorded and entered on the computer and are accounted for within the
user's allocated stock unit.
The Horizon system provides a number of daily and weekly records of all transactions input into it. It
enables Post Office users to obtain computer summaries for individual clients of Post Office Limited e.g.
National Savings Bank, Girobank, Driving Vehicle Licence Agency and the Department of Working
Signature..........cssccccseeeseeeeeeeene Signature witnessed by...........:s00seseeeeeeeeee
FUJ00121975
FUJ00121975
Continuation sheet No. 1
Continuation of Statement of: Beatrice Neneh Lowther
Pensions (DWP). The Horizon system also enables the clerk to produce a weekly balance of cash and
stock on hand combined with the other transactions performed in that accounting period.
Where local reports are required these are accessed from an icon on the desktop menu. The user is
presented with a parameter driven menu, which enables the report to be customised to requirements. The
report is then populated from transaction data that is held in the local database and is printed out on the
tally roll printer. The system also allows for information to be transferred to the main accounting
department at Chesterfield in order for the office accounts to be balanced.
The Post Office counter processing functions are provided through a series of counter applications: the
Order Book Control Service (OBCS) that ascertains the validity of DWP order books before payment is
made; the Electronic Point of Sale Service (EPOSS) that enables Postmasters to conduct general retail
trade at the counter and sell products on behalf of their clients; the Automated Payments Service (APS)
provides support for utility companies and others who provide incremental in-payment mechanisms based
on the use of cards and other tokens and the Logistics Feeder Service (LFS) which supports the .
management of cash and value stock. movements to and from the outlet, principally to minimise cash held
overnight in outlets. The counter desktop service and the office platform service on which it runs provides
various common functions for transaction recording and settlement as well as user access control and
session management.
Information from counter transactions is. written into a local database and then replicated automatically to
databases on all other counters within a Post Office outlet. The information is then forwarded over ISDN
(or other communication service) to databases on a set of central Correspondence Servers at the Fujitsu
Services data centres. This is undertaken by a messaging transport system within the Transaction
Management Service (TMS). Various systems then transfer information to Central Servers that control the
flow of information to various support services. Details of outlet transactions are normally sent at least
daily via the system. Details relating to the outlet's stock holding and cash account are sent weekly. Details
are then forwarded daily via a file transfer service to the Post Office accounting department at Chesterfield
and also, where appropriate, to other Post Office Clients.
Sigmature.........ccccseessseeereeeeeeeee Signature witnessed DY......seeeeeeeeeeceeeees wee
FUJ00121975
FUJ00121975
Continuation sheet No. 2
Continuation of Statement of: Beatrice Neneh Lowther
An audit of all information handled by the TMS is taken daily by copying all new messages to archive
media. This creates a record of all original outlet transaction details including its origin - outlet and
counter, when it happened, who caused it to happen and the outcome. The TMS journal is maintained at
each of the Fujitsu Services Data Centre sites and is created by securely replicating all transaction records
that occurred in every Outlet. They therefore provide the ability to compare the audit track record of the
same transaction recorded in two places to verify that systems were operating correctly. All exceptions are
investigated and reconciled. Records of all transactions are written to audit archive media.
The Horizon system consistently records time in GMT and therefore takes no account of Civil Time
Displacements. The clock incorporated into the desktop application on the counter visual display units is
however configured to indicate local time. This has been the situation at Forest Gate (100002) since 31"
January 2001 when the Horizon system was introduced at that particular Post Office.
The Order Book Control System (OBCS) software, linked to the Horizon system was developed in
conjunction with the DWP. OBCS provides details of DWP order books on the national stop payment list,
and, enables data regarding the movement of order books, and, encashments to be captured on their behalf.
Each Horizon terminal at a Post Office counter has access to the national stop list through OBCS, when a
barcoded DWP order book is scanned at the Post Office counter, or the order book details are manually
keyed into Horizon at the Post Office counter. Each night, the national stop payment list is updated from
information supplied electronically from the DWP computer centre. National stop payment list data is held
centrally within the Horizon system, and is available to all Post Offices. However, certain information
from the national stop payment list is also downloaded to individual Post Offices for faster access; this
download process is called polling. The polling of individual Post Offices also involves receiving details ofI
order book movements and encashments at Post Offices, centrally within Horizon, for onward
transmission to the DWP.
I have access to reports that monitor faults, polling failures, equipment failures and calls for advice and
guidance logged by the Horizon System Helpdesk. During the 01 October 2002 to 31 January 2003, there
FUJ00121975
FUJ00121975
Continuation sheet No. 3
Continuation of Statement of: Beatrice Neneh Lowther
were 13 calls from Forest Gate (FAD 100002) to the Helpdesk. None of these calls relate to faults which
would have had an effect on the integrity of the information held on the system.I collectively produce
copies of these 13 calls as exhibit NL/4 and none of these calls would have had any effect on the
integrity of the system data.
When information relating to individual transactions is requested, the data is extracted from the audit
archive media via the Audit Workstations (AW’s). Information is presented in exactly the same way as.the
data held in the archive although it can be filtered depending upon the type of information requested. The
integrity of audit data is guaranteed at all times from its origination, storage and retrieval to subsequent}
despatch to the requester. Controls have been established that provide assurances to Post Office Internal
Audit (POIA) that this integrity is maintained.
During audit data extraction’s the following controls apply :
1. Extraction’s can only be made through the AWs, which exist at Fujitsu Services, Forest Road, Feltham,
Middlesex, Fujitsu Services, Lovelace Lane, Bracknell, Berkshire and the two Fujitsu Services Data
Centres. These are all subject to rigorous physical security controls appropriate to that -location.
Specifically, the Feltham and Bracknell AWs — where most extractions take place — are located in a
secure room subject to proximity pass access within a secured Fujitsu Services site.
2. Logical access to the AW and its functionality is managed in accordance with the Fujitsu Services, Post
Office Account Security Policy and the principles of ISO 17799. This includes dedicated Logins,
password control and the use of Microsoft Windows NT security features.
3. All extraction’s are logged on the AW and supported by documented Audit Record Queries (ARQ’s),
authorised by nominated persons within Post Office Ltd. This log can be scrutinised on the AW.
Extractions are only made by authorised individuals.
Signature.........ccsesseceeeees aeseee .... Signature witnessed by........... eccccernscesecees
FUJ00121975
FUJ00121975
Continuation sheet No. 4
Continuation of Statement of: Beatrice Neneh Lowther
4. Upon receipt of an ARQ from Post Office Ltd they are interpreted by CS Security.- The details are
checked and the printed request filed.
5. The required files are identified and marked using the dedicated audit tools.
6. Checksum seals are calculated for audit data files when they are written to audit archive media and re-
calculated when the files are retrieved.
7. To assure the integrity of the audit data while on the audit archive media the checksum seal for the file
is re-calculated by the Audit Track Sealer and compared to the original value calculated when the’ file
was originally written to the audit archive media. The result is maintained in a Check Seal Table.
8. The specific ARQ details are used to obtain the specific data.
9. The files are copied to the AW where they are checked and converted into the file type required by Post
Office Ltd.
10.The requested information is copied onto removal CD media, sealed to prevent modification and virus
checked using the latest software. It is then despatched to the Post Office Ltd Casework Manager using
Royal Mail Special Delivery. This ensures that a receipt is provided to Fujitsu Services confirming
delivery.
ARQs 198; 199, 200 were received on 23 July 2003 and asked for information in connection with the Post
Office at Forest Gate (100002). I produce copies of ARQs 198, 199 and 200 as Exhibits NL/IA, NL/2A
and NL/3A respectively. On various dates and at various times between 2] August 2003 to26 August
2003, I undertook extractions of data held on the Horizon system in accordance with the requirements of
ARQs 198, 199 and 200 and followed the procedure outlined above. I produce the resultant CDs as
Exhibits NL/1B, NL/2B and NL/3B respectively.
The report.is formatted with the following headings:
ID — relates to counter position
User — Person Logged on to System
Signature. . Signature witnessed Dy..........ccceeeeeeeeeeseees
FUJ00121975
FUJ00121975
Continuation sheet No. 5
Continuation of Statement of: Beatrice Neneh Lowther
SU — Stock Unit
Start.Date — Date of transaction
Start. Time — Time of transaction
SessionId — A unique string relating to current customer session
TxnId — A unique string relating to current transaction
Mode — e.g. SC which translates to Serve Customer
ProductNo — Product Item Sold
Qty — Quantity of items sold
SaleValue — Value of items sold
Entry method - Method of data capture for OBCS Transactions (0 = barcode, I = manually keyed)
State — Method of manual keyed Entry Method.
IOP - Order Book Number
Result — Order Book Transaction Result
Foreign Indicator — Indicates whether OBCS payment was made at a local or foreign outlet (0- Local,
1- Foreign)
The Event report is formatted with the following headings:
Groupid — FAD code
ID — relates to counter position
Date — Date of transaction
Time — Time of transaction
User — Person Logged on to System
SU — Stock Unit
EPOSSTransaction.T — Event Description
EPOSSTransaction.Ti — Event Result
The CDs (Exhibits NL/1B, NL/2B and NL/3B) were sent to the Post Office Investigation section by
Special Delivery on 29 August. 2003.
Sigmature.........sscccsceeseeeeeeneeenene Signature witnessed by..........s0sesseeeceeeteees
FUJ00121975
FUJ00121975
Continuation sheet No. 6
Continuation of Statement of: Beatrice Neneh Lowther
There is no reason to believe that the information in this statement is inaccurate because of the improper
use of the computer. To the best of my knowledge and belief at all material times the computer was
operating properly, or if not, any respect in which it was not operating properly, or was out of operation
was not such as to effect the information held on it. I hold a responsible position in relation to the working
of the computer.
Any records to which I refer in my statement form part of the records relating to the business of Fujitsu
Services. These were compiled during the ordinary course of business from information supplied by
persons who have or may reasonably be supposed to have personal knowledge of the matter dealt with in
the information supplied, but are unlikely to have any recollection of the information or cannot be traced.
As part of my duties, I have access to these records.
Sigmature............cccccecceeeeeeeeeeees Signature Witnessed DY.....ss.sceececcereeeeeeeees