POL00138290
POL00138290
Note regarding
Terms of Reference for Horizon Integrity Audit for
“Mediation process”
1. Introduction
The purpose of this note is to propose revised Terms of Reference for a possible
independent Audit of the data integrity of both the old Riposte Based Horizon
application and the current Horizon Online application that may be carried out as part
of Post Office Ltd’s new “Mediation process”.
This document is drafted in response to the Post Office Ltd.’s “draft scope for experts”
document shared with Fujitsu by Rodric Williams.
Post Office Limited refer to the ‘Horizon System’ which is a wide definition that
encompasses Post Office back office business processes and support provided to Sub-
postmasters and formed part of the scope agreed with Second Sight Services Limited.
These terms of reference relate specifically to those areas that Fujitsu believes are
relevant to an audit of the Horizon application, the capture of audit data and integrity
thereof. It is primarily this audit trail that Fujitsu believes is relevant to the “Mediation
process”.
It is also important that the scope of the expert review is something that an expert may
be reasonably expected to provide a view with minimal (or no) caveats, otherwise it
will carry little sway with the participants in the “Mediation process”. It should be
noted therefore, that the integrity of the data captured in the audit trail has been
subject to examination and challenge in several court cases and most recently by
Second Sight Services Limited and hence Fujitsu believes this is a reasonable and
achieveable scope for such a review.
2. Background
The following proposed scope of expert review is based upon a terms of reference
drafted by Fujitsu and agreed with KPMG that was to form the basis of an external
audit of data integrity within the Horizon application in 2012. This audit was cancelled
following the appointment of Second Sight Services Limited to undertake its
investigations.
Fujitsu considers the pivotal points that need to be addressed when scoping a possible
terms of reference are as follows;
e To establish whether or not the data captured and stored in the Horizon
application is a ‘true’ representation of the transaction performed in branch
¢ Could erroneous transactions, not created by sub-postmasters, enter the audit
trail?
FUJITSU RESTRICTED (COMMERCIAL IN CONFIDENCE)
g:\gij documents\poalprosecution support\mediation audit\draft tor.docx
Page 1 of 3
POL00138290
POL00138290
Is the integrity of the audit trail preserved once recorded / logged?
3. Basis of proposed Terms of Reference for the expert
In order to investigate the key areas outlined in section 2, Fujitsu proposes that an
expert could test some or all of the following assertions:
1.
Baskets net to nil
That all of the transactions in a basket (a basket is defined as any number of
items for one customer) received from the Post Office branch counter balance
to zero against the customer payment.
Basket received is same as that seen by counter
That the basket received at the data centre corresponds to what the counter
staff sees on the Horizon screen.
Full basket enters audit trail
The full basket goes into the audit trail.
All baskets enter audit trail
All baskets get into the audit trail.
No extra baskets enter audit trail
No extra baskets get into the audit trail (i.e. nothing is added that the counter
staff has not seen on the screen).
Audit trail has integrity
That the integrity of the audit trail has been maintained.
It should be noted that the old Riposte Based Horizon system is no longer in use and
so is not available for examination. Any audit of its integrity will have to rely on
documentation and an examination of the actual audit data produced by the system
limited to the extent to which it is still retained and available for examination.
4. Reference Material
In the past Fujitsu has produced a generic Witness Statement that has been submitted
in to evidence in court with prosecutions brought by Post Office Limited, where
integrity of Horizon data has been challenged. This Witness Statement was also
supplied to Second Sight as part of their review. In turn the Witness Statement refers
to 2 separate documents describing the Integrity of the old Riposte Based Horizon
system and the current Horizon Online system.
These documents are:
1.
2.
3.
JENKINS Gareth witness statementv1 .0.doc
ARCGENREP0004.HorizonDataIntegrity.doc
HorizonOnlineDatalIntegrity_ POL.doc
FUJITSU RESTRICTED (COMMERCIAL IN CONFIDENCE)
g:\gij documents\poa\prosecution support\mediation audit\draft tor.docx
Page 2 of 3
POL00138290
POL00138290
These documents provide a high level description of how Horizon records transactions
and the way in which the audit trail is managed. These documents have been provided
to Post Office Limited previously and it is important these are digested by all relevant
parties as these would form the starting point for further detailed discussions. These
can be supplied again if required.
FUJITSU RESTRICTED (COMMERCIAL IN CONFIDENCE)
g:\gij documents\poa\prosecution support\mediation audit\draft tor.docx
Page 3 of 3