FUJ00176528
FUJ00176528
From: Browell, Steven[/O=EXCHANGELABS/OU=EXCHANGE ADMINISTRATIVE GROUP
(FYDIBOHF23SPDLT)/CN=RECIPIENTS/CN=3D3D7C6D3423416C862CDAOE068EF742-
BROWELL, ST]
Sent: Mon 06/12/2021 3:55:55 PM (UTC)
To: Muir, Jason} Ashford,
Gauntlet, P.
Wilson, Simon:
Ce: 5 Kemp,
Gibson, Andrew
Subject: CONFIDENTIAL - Audit Archive - The action plan
All,
Some of you were on the kick off call on Friday last week. Others have been briefed subsequently. The issues relating
to the harvesting process, the audit archive, and the ARQ extract process are extremely urgent and also extremely
important. Please do not provide any status updates to POL. Please refer them to Simon Oldnall (POL) to whom I will
provide a full response once we have one that is approved to share.
I have setup 5 avenues of investigation and so that we are all aligned I am sharing them here in summary form. You
can reply to me directly if you wish to check anything — to save colleagues inboxes. I will be setting up a daily call with
the named parties for the WIP actions so we keep momentum and can discuss things. We need to get to a conclusion,
or a very confident position and a clear plan to complete, before the end of this week.
1. PCI MEETING WITH POL - Paul
* We need to understand what POL have been told as part of the PCI meeting and also confirm that they
understand that this has been escalated and there will be a single Fujitsu response issued to this — when
the response is ready. ACTION COMPLETE
2. ARQ PROCESS — Jason/Geoff/Gerald
* We need to confirm that we have NEVER (or if we have ever) sent incomplete ARQ transaction
responses to POL because of gaps in the audit archive without making it clear to POL that there were
gaps. We need to confirm that POL have always been aware of any gaps in the ARQ responses we have
sent. WIP
3. DATA COMPLETENESS — Gerald/Ed
« We need to confirm there are NO GAPS (or the extent to which complete gaps exist) in the audit archive
stores created during Horizon (considering both stores combined) and presently as part of HNG-X. We
need evidence — especially if action 2 is not completely confirmed. POL want a statement on this item in
our response. Although this cannot be rectified, it will ensure future references to the audit archive are
worded accurately. WIP
4. INCIDENT/EVENT MANAGEMENT - Steve Bansal/Matt Hatch
* We need to understand how the Harvester issues were recorded and actioned in Horizon and if there
are any current Harvester issues that must be addressed. Did we, and do we, monitor the Harvester(s)
and take prompt and appropriate action to address issues found? How many issues have there been?
What is the extent of their impact? This will help validate action 3 or may be the only source of
information to respond to 3. WIP.
5. HNG-X HARVESTER DESIGN — Simon Wilson (until delegated)
© The current Harvesting is done in IRE11 only and then the audit archive data is replicated to IRE19. Issue
with the Harvester could therefore impact both audit archive datastores. Are we confident this is the best
FUJ00176528
FUJ00176528
design? Did POL agree to this design? If we have concerns, now is a good time to air them. WIP
Steve Browell
Post Office Account
Management Consultant & CISO
Fujitsu Enterprise & Cyber Security
Fujitsu Services, Trafalgar House, Temple Court, Risley, Warrington, Cheshire, WA3 6GD, United Kingdom
Mob:{_.
E-mail