FUJ00154664 - Email from Peter Sewell to Penny Thomas re Requests for data and calls from POL

FUJ00154664

From: SEWELLP.

Sent: Wed 08/08/2007 7:50:04 AM (UTC)
To: Penny.Thomas@:_

Subject: RE: Requests for data and calls

At home Penny call whenever

Pete Sewell
Deputy Security Manager

Fujitsu Services Royal Mail Group Account

LOVELACE ROAD,
BRACKNELL,
BERKS

RG12 8SN
Tel:
Mobile I G

Fax

E-Mail _ peter.sewel
Web http://uk.fujitsu.com

Fujitsu Services Registered in England no 96056,
Registered Office 22 Baker Street,
London W1U 3BW

This e-mail is only for the use of its intended recipient. Its contents are confidential and may be privileged. Fujitsu Services does not
guarantee that this e-mail has not been intercepted and amended or that it is virus free.

-----Original Message-----

From: Thomas Penny

Sent: 08 August 2007 08:19

To: Sewell Peter (FELO1)

Subject: FW: Requests for data and calls
Importance: High

Pete

I propose to send the following - please call to discuss.

All

I'm sorry, but I did return the calls for SSC to action - to date requests of this nature have been passed to SSC who request the data from me
and I provide it. SSC then conduct the analysis. I can provide transactional data but I cannot determine what is 'missing' I have no datum to
work from.

We are not equipped to handle these queries and we have not been required to do so in the past. If we are to do as Mik suggests then we
need, as he says - ‘someone who has both the technical knowledge to retrieve and understand the data’.

We should not confuse the requirements of Adhoc requests with ARQs. All data requests to support litigation come through Graham Ward
via an ARQ. The rules are quite clear here. Where we need support for litigation with technical analysis Gareth assists us.

I do not know of an instance where we have supplied a witness statement to support any return on an Adhoc. And, if one was requested, we
would refuse to provide. The instance that Mik refers to came through Graham Ward to Brian Pinder. There is no requirement for litigation
support via an Adhoc request.

I do not recall seeing Mik's directive before, if I had I would have voiced my concerns. As we stand now, we cannot fulfil the requirement.

Kind regards

Penny

-----Original Message-----
From: Sewell Peter (FELO1)

Sent: 07 August 2007 16:04

To: Peach Mik

Cc: Thomas Penny; Melrose Liz; Walmsley Kirsty; Miller Kevin; Chambers Anne O
Subject: FW: Requests for data and calls

Mik

We are not returning these calls. All we have requested is the actual dates for each request so that we can retrieve the data. We have no
problem in providing the data. If there is analysis required then this could involve Gareth.

Regards Pete

-----Original Message-----
From: Pinder Brian
Sent: 07 August 2007 15:35

To: Sewell Peter (FELO1); Dunks Andy; Lowther Neneh
Subject: FW: Requests for data and calls

For your awareness and any comments?

Brian

From: Peach Mik
Sent: 07 August 2007 15:32

To: Pinder Brian; Thomas Penny

Cc: Melrose Liz; Walmsley Kirsty; Miller Kevin; Chambers Anne O
Subject: Requests for data and calls

Folks,

following last year's incident in which an SSC staff member ended up in court, we agreed a process by which some types of calls from
POL - notably those requesting information on transactions which had allegedly gone astray, or where it appeared that POL were preparing
data for some legal reason.

This process was then documented in SSC work instruction W12225R, and circulated. I have no record of any comments as a result of
this.

The work instruction in full is appended to this email

We are, however, still receiving calls for data which is over 4 months old (and which we therefore don’t have), passed to us from the
"MSU", and when we sent them to the security team, they have been returned...

To make the position clear -

a) If POL want information which is over 4 months old, then we don’t have it - it must come from the audit servers (I know POL agreed
not to raise calls after more than 4 months, which is why we sized the SSC servers as we did, but this appears to be being treated as a
guideline rather than a rule). Therefore these calls need to go direct to the security team - SSC can add no value.

b) If it is unclear what data is required, then we are happy to advise the security team on what they need to retrieve.

c) We are here to resolve software bugs, and fix them, if there is no hint of a software bug in the call, then we should not be involved,
although we are usually happy to advise.

d) The actual wording on the calls from POL is important. IF the call claims that the system is at fault, then we will look at the initial call
and say (in all cases to date) "no it isn't". IF POL raise calls saying "Please find the missing transaction for 25K that took place on date xxx,
then this is an ad-hoc request for data, and should be treated as such.

It may be that the underlying issue is a lack of resource of a particular kind in the security team - someone who has both the technical
knowledge to retrieve and understand the data, and who is capable of supplying the analysis in the correct legal terminology to POL.

In the past, this role has largely been filled on an ad-hoc basis by Glenn Stevens and Gareth Jenkins. Glenn has obviously left, and I do
not know the current relationship between the security team and Gareth.

I can confirm that the SSC is NOT in position to undertake this role.
Regards

Mik

WORK INSTRUCTION

All requests for ad-hoc data will be sent to ad-hocPostOfficeAccountMIS,____GRO___{(Any Peaks coming to the SSC requesting
ad-hoc data which have not originated with Pooja Sujith should be discussed with Pooja , or, in her absence Liz Melrose)

2.Requests will be filtered and Security or litigation requests will be refused because POL should use the ARQ process . POL staff should
raise these requests via Graham Ward (graham.c.ward! I. The ARQ will be processed by the security team

3.Transaction details for single FADs, over a maximum of three days that occurred within the last 4 months will be raised by Pooja as a
PEAK and sent to SSC, specifying the format for the output. Any request that fails to meet these criteria might be chargeable.

4.Requests for data which is over 4 months will be sent direct from Pooja to the Security team who will retrieve the data from the Audit
servers. If the Security team needs support or help to fill the requirement, assistance will be provided by SSC, via PEAK.

5.If an ad hoc request meets the 4 month criteria, but fails any of the others, then SSC staff should look at it - but may reject it - usually on the
basis that this will take more than 1 m/d work. SSC will then provide a timescale by which ad hoc could be completed to Pooja

6.If the ad hoc request meets the chargeable criteria, an indication of cost should also be provided back to Pooja, so that she can discuss this with
POL.

The chargeable rate will be £70 per hour (System Engineer) rate for this service.

7.An invoice of the all chargeable ad hocs will be produced on a monthly basis.