WBONO0000856
WBON0000856
From: "Parsons, Andrew"! ~ “GRO. H
To: Rodric Williamg GRO
Subject: RE: Project Zebra [BD-4A.FID20472253]
Date: Fri, 30 May 2014 13:41:43 +0000
Importance: Normal
Inline-Images: image009.jpg; image010.jpg; image011.jpg; image012.jpg; image013.png;
image014.png; image015.png; image016.png; image017.gif; image018.gif;
image019.png
Rodric — I can see the logic in Gareth's changes.
One tiny tweak to Q3 as it is important that the Audit Store captures and secures whole baskets as baskets, not just
individual transactions.
A
Andrew Parsons
Senior Associate
for and on behalf of Bond Dickinson LLP
Mobile: I
Fax: }
Follow Bond Dickinson:
Blin)
www.bonddickinson.com
From: Rodric Williams [mailt¢
Sent: 30 May 2014 14:19
To: Parsons, Andrew
Subject: FW: Project Zebra
Hi-—comments?
From: James, Gareth (UK - Manchester) [mailto
Sent: 30 May 2014 14:07
To: Rodric Williams
Ce: Chris Aujard; Whitton, Andrew J (UK - London); Dunn, Austin C (UK - London); Yearsley, James A (UK - London);
White, Ian (UK - Leeds)
Subject: RE: Project Zebra
Confidential and Legally Privileged.
Afternoon Rod — thanks for this. Can I suggest we pick this up at 2.30?
I present some thoughts for on this:
¢ Amendments to (1) are changing the nature of this from one of ‘baskets processed must be compete in
order to get into the system’ to one of ‘recording to the audit store must be complete’. The latter is better
addressed by a change to (3) below — and the former we would suggest is key, to draw out features such as
atomic nature of Horizon and it’s double entry concepts, which mean that partial transactions just simple
can’t (as asserted) occur
WBD_000726.000001
WBONO0000856
WBON0000856
e (2), I understand what you mean... noting that this is a two step process: first, transactions moving from
Branch to Message Journal Table; second, transactions being swept up overnight from the Message
Journal Table, digitally sealed and written to the Audit Store. Am ok with this.
e (3) if the goal is to make this specific to Audit Store, I’d suggest we refine (4) to focus on reporting checks
only, to avoid duplication with (3) on digital seals
le: this would lead to the 5 suggestions below:
1. What comfort can be taken that Horizon only allows complete baskets of transactions to be initiated?
2. What comfort can be taken that baskets being communicated between Branch and Data Centre are not
subject to tampering whilst being transmitted to the Audit Store.
3. What comfort can be taken that the baskets of transactions recorded to the Audit store are complete and
‘digitally sealed’, to protect their integrity and make it evident if they have been tampered with?
4. What comfort can be taken that Horizon’s Audit Store maintains-aned reports from a complete and
unchanged record of all sealed baskets?
5. What comfort can be taken that Horizon provides visibility to sub-postmasters of all centrally generated
transactions processed to their Branch ledgers?
Speak soon
Gareth
From: Rodric Williams [mailtoj GRO. i
Sent: 30 May 2014 12:38
To: James, Gareth (UK - Manchester)
Ce: Chris Aujard
Subject: RE: Project Zebra
Gareth — can you address the questions expressed thus?:
1. What comfort can be taken that Horizon only allows complete baskets of transactions {baskets} to be
processed recorded to the Audit Store?
2. What comfort can be taken that baskets being communicated between Branch and Data Centre are not
subject to tampering whilst being transmitted to the Audit Store.
3. What comfort can be taken that the transactions cempletedin-Herizer recorded to the Audit store are
‘digitally sealed’, to protect their integrity and make it evident if they have been tampered with?
4. What comfort can be taken that Horizon’s Audit Store maintains and reports from a complete and
unchanged record of all sealed baskets?
5. What comfort can be taken that Horizon provides visibility to sub-postmasters of all centrally generated
transactions processed to their Branch ledgers?
Rodric Williams 1 Litigation Lawyer
148 Old Street, LONDON, EC1V 9HQ
}Postline:{ GRO
Post
@postofficenews
©O0®OGO®
From: James, Gareth (UK - Manchester) [mailto:
Sent: 30 May 2014 10:16
To: Chris Aujard
WBD_000726.000002
WBONO0000856
WBON0000856
Cc: Rodric Williams; Alwen Lyons; Whitton, Andrew J (UK - London); Dunn, Austin C (UK - London); Noon, David A
(UK - London); White, Ian (UK - Leeds)
Subject: RE: Project Zebra
Chris - thanks for the response. Before responding to the 3 additional matters, can i confirm that our
understanding below of what is required for the Board briefing document is accurate? The more specific we
can be on this matter, the more likely the additional document will address the Board's needs.
On your additional points below, regarding 2010, you are correct. The work we have performed over that
project identified that it had minimal impact on the design of controls relevant to the 4 questions below, and
we have assertions stating this. Thus our board briefing is unlikely to draw attention to matters relating to the
2010 project.
On the second point, thank you for the clarification and i will consult internally on this.
On the third point, we appreciate the time frame, but need to complete this critically important activity with
diligence and appropriate consultation. I appreciate that the understanding, scope and focus of our work has
evolved and refined since articulation of the original deliverable dated 23 May in early April, but i am
confident that that deliverable did meet those requirements, as well as providing a very solid foundation of
knowledge for this more focussed Board Briefing and being a very valuable tool for POL management going
forwards, as i discussed with Rod, Lesley and Julie in our Horizon Features walkthrough meeting last
Thursday. For example, Lesley has already connected us with the team planning the re-procurement of
Horizon as the Features, and the ongoing assurance mechanisms over them, will be a key part of their
considerations for any new solution for 2017.
Best regards
Gareth
Sent from a mobile device
-Original Message-
From: Chris Aujard: GRO I
Sent: Friday, May 30, 2014 08:49 AM GMT Standard Time
To: James, Gareth (UK - Manchester)
Ce: Rodric Williams; Alwen Lyons
Subject: RE: Project Zebra
James — three additional points:
1) We have discussed as some length the need to provide as much comfort as is possible in respect of the
period prior to 2010. For clarity, could you kindly confirm that you still propose to do this?
2) On the question of the audience for the document, this is principally the Board in the first instance; as
discussed we will however, want to be able to use any high level conclusions you may reach as a
foundation for the release of the Linklaters advice — at this stage we are not sure what form we would
need your conclusions to be expressed in (I expect that they may need to repackaged and summarised,
with the appropriate release letters signed), but I did want to make sure you were fully aware of our
intentions in this regard.
3) The proposed timing does not work at all for us. The board were expecting a readily digestible document
addressing the key matters that we have been discussing over the last few weeks last Friday, not next
Wednesday. Out of courtesy, I should let you know that I have spoken to Paula, our CEO, and she is now
minded to escalate the matter further within Deloitte.
I am offsite at meetings all morning, but should be available by lunchtime. In the meantime Alwen and Rod are in
the loop.
WBD_000726.000003
WBONO0000856
WBON0000856
Regards
Chris
From: James, Gareth (UK - Manchester) [mai
Sent: 29 May 2014 18:37
To: Chris Aujard; Rodric Williams; Julie George
Cc: Whitton, Andrew J (UK - London); Noon, David A (UK - London); White, Ian (UK - Leeds); Tantam, Mark (UK -
London)
Subject: Project Zebra
CONFIDENTIAL AND SUBJECT TO LEGAL PRIVILEGE
Chris,
Further to our conversations today, I wanted to confirm the next steps we propose to take regarding Project Zebra.
These seek to create a shorter document for you (intended for Board circulation) which focusses on certain key
(and most relevant) aspects of our wider work to date.
This “Board Briefing” document will focus on the four questions we agreed by phone, being:
1. What comfort can be taken that Horizon only allows complete transactions (baskets) to be processed?
2. What comfort can be taken that the transactions completed in Horizon are ‘digitally sealed’, to protect
their integrity and make it evident if they have been tampered with?
3. What comfort can be taken that Horizon’s Audit Store maintains and reports from a complete and
unchanged record of all sealed baskets?
4. What comfort can be taken that Horizon provides visibility to sub-postmasters of all centrally generated
transactions processed to their Branch ledgers?
For each of the above questions, we will:
¢ List those relevant high level system design and process control features that we identified in
documentation provided to us;
Describe the facts relating to the extent and nature of the Assurance Work we have seen;
* State what additional work could be undertaken to increase the level of comfort.
Our comments will be framed in the context and limitations of our work.
We estimate that this deliverable will take until close of play on Wednesday next week to produce and issue
through our review and signoff activities.
Please confirm that these points of focus are an accurate view of the next steps discussed this afternoon.
Thanks and regards
Gareth
Gareth James ‘
Partner
Deloitte LLP
ies Website I Finance Analytics Website
WBD_000726.000004
WBONO0000856
WBON0000856
UK Futures
How can UK business drive growth?
https loit iki
IMPORTANT NOTICE
This communication is from Deloitte LLP, a limited liability partnership registered in England and Wales with registered number 0C303675. Its registered office is 2, New
Street Square, London EC4A 382, United Kingdom. Deloitte LLP is the United Kingdom member firm of Deloitte Touche Tohmatsu Limited (“DTTL"), a UK private company
limited by guarantee, whose member firms are legally separate and independent entities. Please see www.deloitte,co.uk/about for a detailed description of the legal
structure of DTTL and its member firms.
This communication contains information which is confidential and may also be privileged. Iti for the exclusive use of the intended recipient{s). f you are not the intended
recipient(s), please (1) notify it.security.uk{ GRO by forwarding this email and delete all copies from your system and (2) note that disclosure, distribution, copying
or use of this communication is strictly prohibited. Email communications cannot be guaranteed to be secure or free from error or viruses. All emails sent to or from a
Deloitte UK email account are securely archived and stored by an external supplier within the European Union.
To the extent permitted by law, Deloitte LLP does not accept any liability for use of or reliance on the contents of this email by any person save by the intended recipient(s)
to the extent agreed in a Deloitte LLP engagement contract.
Opinions, conclusions and other information in this email which have not been delivered by way of the business of Deloitte LLP are neither given nor endorsed by it.
This email and any attachments are confidential and intended for the addressee only. If you are not the named
ent, you must not use, disclose, reproduce, copy or distribute the contents of this communication. If you have
received this in error, please contact the sender by reply email and then delete this email from your system. Any views
or opinions expressed within this email are solely those of the sender, unless otherwise specifically stated.
POST OFFICE LIMITED is registered in England and Wales no 2154540. Registered Office: 148 OLD STREET,
LONDON EC1V 9HQ.
This email and any attachments are confidential and intended for the addressee only. If you are not the named
recipient, you must not use, disclose, reproduce, copy or distribute the contents of this communication. If you have
received this in error, please contact the sender by reply email and then delete this email from your system. Any views
or opinions expressed within this email are solely those of the sender, unless otherwise specifically stated.
POST OFFICE LIMITED is registered in England and Wales no 2154540. Registered Office: 148 OLD STREET,
LONDON EC1V 9HQ.
This email and any attachments are confidential and intended for the addressee only. If you are not the named
recipient, you must not use, disclose, reproduce, copy or distribute the contents of this communication. If you have
received this in error, please contact the sender by reply email and then delete this email from your system. Any views
or opinions expressed within this email are solely those of the sender, unless otherwise specifically stated.
POST OFFICE LIMITED is registered in England and Wales no 2154540. Registered Office: 148 OLD STREET,
LONDON EC1V 9HQ.
WBD_000726.000005