POL00417095
POL00417095
Mike Granville
From: . Rod Ismay
Sent: 29 November 2010 19:43
To: Mike Granville
Ce: Rod Ismay
Subject: Draft. Branch data and balancing issue
This note is to respond to some recent concerns about data during branch balancing
processes.
In draft as yet to ensure it makes sense to those not so closely involved in the
issues.
The issue sometimes known as the "Receipts and Payments Mismatch" has come up in some
recent emails. There have been several business discussions about how to resolve it
and an option had been referred to which, if adopted, would have led to adjustments
being made direct in Horizon.
For clarity, whilst this was (for completeness) flagged as an option, my understanding
is that it has always been rejected as it would undermine the long standing principle
that all entries in Horizon be initiated or authorised by the branch.
It is undoubtedly possible with any IT system that special mechanisms could be
developed to adjust users systems and data, however, POL IT colleagues have remained
satisfied:
(A) that POL would not wish this facility to be built for Horizon, and
(B) that there are segregations of duties and change management controls which would
prevent Fujitsu from deploying such functionality
The specific "R&P" issue has arisen from a non compliant series of user actions in
branch and applies to a small number of branches. Whilst some branches had been
concerned that data had "disappeared" the relevant balance had actually been moved to
the wrong place but was still visible.
A solution and a covering explanatory note for branches are currently being worked up
through a group involving IT, Finance and Network colleagues.
Thanks Rod
POL00417095
POL00417095
POL00417095
POL00417095
MEMO
In the light of Lynn Hobbs e-mail of 18 November, and subsequent discussions with
Rod Ismay, I held a brief meeting with Mark Burley on Friday 26 November to
discuss the issue of any potential backdoor way into the Horizon system. Mark
confirmed that there wasn’t such a facility for POL.
He said that, as with any system the technical operator (Fujitsu in this case), had the
potential to make technical coding changes with respect to the system. However,
these activities were controlled by a rigorous process of clearances within Fujitsu
which would prevent amendment to any existing data. It was also the case that the
independent audit log would record everything that happened — so that there would be
a full independent record.
Tasked Mark if he could provide me with a note on the control processes that are in
place.
Mike Granville
POL00417095
POL00417095
POL00417095
POL00417095
Page 1 of 1
Mike Granville
From: Lynn Hobbs
Sent: 18 November 2010 14:58
To: Mike Granville; Rod Ismay
Subject: RE: Follow up to BIS meeting on JFSA
Mike, Rod
I'm happy with the report and just have one observation
I found out this week that Fujitsu can actually put an entry into a branch account remotely. It came up
when we were exploring solutions around a problem generated by the system following migration to
HNGx. This issue was quickly identified and a fix put in place but it impacted around 60 branches and
meant a loss/gain incurred in.a particular week in effect disappeared form the system. One solution,
quickly discounted because of the implications around integrity, was for Fujitsu to remotely eneter a value
into a branch account to reintroduce the missing loss/gain. So POL can't do this but Fujitsu can.
Lynn
From: Mike Granville
Sent: 17 November 2010 17:31
To: Rod Ismay; Lynn Hobbs
Subject: Follow up to BIS meeting on JFSA
Rod / Lynn
Further to the meeting we had with Mike Whitehead about the JFSA — I am aiming to send this broad
response note. Please can I ask if you could cast an eye over this and let me know if you have any
comments — or whether I've missed anything. I’d like to be able to send tomorrow (Thurs) — so, if feasible,
could I ask you to let me have any comments tomorrow.
Thanks
Mike
Mike Granville
Head of Regulation Strategy
Post Office Ltd
© ‘st Floor, Banner Street Wing, 148 Old Street, LONDON EC1V SH1Q
Me,
le ET Aiscussier homeo re Radda prowl.
Tk as this teswt Hk led ‘a che Hie vas
no wg Por could atk inbo He. spin ier if Fagiton,
did Go Hee eee we nlrols I Ik ghowlMe be noth in Ho
above Cree Hat no ackion by Exjiten was baker remolely on obey
ang Viv .
PA “Bs muy iy gee Men memo on Ho TF He Hie i
was cesalved’. Ik also makes clea Hak 20 toasacbions «dis, pose jon tle
19/11/2010 agate - rather Hug wee. posted te 1 Lye place. =>
. y" aceat Aryynbosare om ry a
POL00417095
___ POL00417095