WITN06650400
WITN06650400
Witness Name: William Paul Patterson (on behalf of Fujitsu Services Limited)
Statement No.: WITNO6650400
Dated: 8 August 2024
POST OFFICE HORIZON IT INQUIRY
FOURTH CORPORATE STATEMENT OF FUJITSU SERVICES LIMITED
I, MR WILLIAM PAUL PATTERSON (known as Paul Patterson), will say as follows:
INTRODUCTION
1. I am a director of Fujitsu Services Limited (“Fujitsu”) and am duly authorised to
make this statement on its behalf. I make this statement in response to the Inquiry’s
Rule 9 Request, dated 31 August 2023, for a corporate statement addressing
issues relevant to Phases 6 and 7 of the Inquiry (the “Request’). In particular, the
Request focuses on the following matters from 1999 to the present day (the
“Relevant Period’):
a. the identification, investigation, recording, reporting and rectification of (i)
bugs, errors and defects (“BEDs’), (ii) other network and system failures or
(iii) the impact of such events upon branch accounts (“Incident Management
Obligations”); and
Page 1 of 218
WITN06650400
WITN06650400
b. the use of privileged access by Fujitsu employees to remedy errors in
transaction data and branch accounts (“Privileged Access” and the
“Privileged Access Obligations”),
(together, the “Relevant Obligations’).
As noted in the First, Second and Third Corporate Statements dated 28 September
2022, 29 December 2022 and 14 September 2023 respectively (collectively the
“Previous Corporate Statements”, individually the “First/Second/Third
Corporate Statement”, respectively), I do not have first-hand knowledge of many
of the matters which are set out in this corporate statement. For this reason, I wish
to reiterate at the outset how the information in this statement has been compiled.
As with the responses in the Previous Corporate Statements, responses to
questions set out in this statement are generally drawn from documentary sources.
For the purposes of preparing this statement, I have been assisted by a team of
individuals within Fujitsu and Morrison Foerster. This is due to the vast amount of
documentation and sources of evidence which have had to be reviewed for a
period stretching over 25 years. This team has provided me with the documents
which are referenced in this statement and exhibited in accordance with the index
at the back of this statement, and which are the principal source of my knowledge
of this statement’s content. I have also been directed to the key parts of the Horizon
IT System (“Horizon”) contract over time, as described in this statement.
Page 2 of 218
WITN06650400
WITN06650400
Further, as noted in the Previous Corporate Statements, I do not have a detailed
technical knowledge of Horizon and I am reliant upon Fujitsu staff with relevant
technical expertise and knowledge of such matters.
The responses provided in this fourth corporate statement represent Fujitsu’s
current understanding of the information available. Given that work in relation to
Phases 6 and 7 of the Inquiry is ongoing, it may be that Fujitsu will need to
supplement this corporate statement as further material is identified. For ease of
reference, set out in the table below are the relevant sections of this corporate
statement and the relevant paragraphs:
Section Paragraphs
1. Background to Fujitsu’s Contractual Obligations 7-11
2. The Incident Management Obligations 12-32
3. Operational Services relating to the Incident Management I 33-140
Obligations
4. Summary of Measures relating to Incident Management 141-170
5. The Privileged Access Obligations 171-190
6. Operational Services relating to Privileged Access 191
7. Summary of Measures relating to Privileged Access 192 - 207
8. Monitoring Compliance with the Relevant Obligations 208 — 223
9. Financial Penalties 224 — 226
10. I Contractual Obligations relevant to Financial Penalties 227 — 234
11. I Liquidated Damages Mechanisms 235 — 262
Page 3 of 218
5.
6.
WITN06650400
WITN06650400
For ease of reference, in this statement:
ICL Pathway Limited (which initially managed the Horizon contract, and later
novated the contract to Fujitsu Services Limited) and Fujitsu Services Limited
will be referred to collectively as “Fujitsu”; and
Post Office Counters Limited (subsequently Post Office Limited) will be
referred to collectively as “POL”).
Further, references to Horizon in this statement shall be as follows:
a. Pathway Programme: The solution designed and developed between 1996
and 1999 further to a tripartite arrangement between Fujitsu, POL and the
Department of Health and Social Security (the “DSS”), and as discussed in
detail in the First Corporate Statement.
b. Legacy Horizon: The original iteration of Horizon which was in operation
from 1999 to 2010 and which used Riposte software from Escher, a third-
party specialist provider to post offices in other countries, to replicate data
between counters at the branches and correspondence servers in the data
centres.!
c. Horizon Online: Comprising both (i) HNG-X, which was rolled out to the
majority of Post Office branches by 31 August 2010, and (ii) HNG-A, which
was progressively rolled out to branches from 2016. HNG-X was a
1 First Corporate Statement of Fujitsu Services Limited, WITN06650100, paragraphs 12 to 14,
Page 4 of 218
WITN06650400
WITN06650400
replacement of the Legacy Horizon system. The core technical change of
HNG-X was the replacement of the Riposte system with a system of direct
transmission from the counter to the data centre. The development of HNG-
A was driven by the need to replace ageing Windows NT 4 branch counter
technology with a Windows 10 operating system.”
BACKGROUND TO FUJITSU’S CONTRACTUAL OBLIGATIONS
As part of the Request, the Inquiry has asked Fujitsu to provide an explanation as
to (i) the contractual obligations in place during the Relevant Period which relate
to the Relevant Obligations, (ii) the measures put in place to address those
contractual obligations, and (iii) the measures in place to monitor Fujitsu’s
compliance with those contractual obligations. The Inquiry has also sought details
of how these measures have changed following the Horizon Issues Judgment
handed down by Justice Fraser in the Bates v POL group litigation on
16 December 2019.°
The main document governing the contractual relationship between POL and
Fujitsu (as they are now known) is the Horizon contract. It is a single contract which
has been varied substantially over time. References below in this corporate
statement to phases of the Horizon contract's operation and the different names
which have been used for that contract in different periods of its operation have
been used for convenience only. In addition to the Horizon contract, the contractual
2 First Corporate Statement of Fujitsu Services Limited, WITN06650100, paragraphs 15 and 16
3 [2019] EWHC 3408 (QB)
Page 5 of 218
WITN06650400
WITN06650400
relationship between POL and Fujitsu is also governed by a number of ancillary
documents, most notably:
a. Change Control Notes (each_a “CCN”): CCNs are the contractually
mandated? format of agreed variations to the Horizon contract. The definition
of new or withdrawn services is therefore managed through CCNs. A CCN is
authorised and has effect when it is approved and signed by authorised
representatives from both Fujitsu and POL.
b. Contract Controlled Documents (each a “CCD”): CCDs are documents which
are referred to in the Horizon contract. CCDs are often used to provide
detailed technical specification. The Horizon contract permitted Fujitsu and
POL to introduce or amend CCDs by using the Change Control Procedure
(i.e., by an agreed CCN).
9. There have been 23 conformed® major versions of the Horizon contract during the
Relevant Period. For convenience, this corporate statement examines the
Relevant Obligations across three broad phases of contract operation, as follows:
a. The codified agreement, effective from 28 July 1999 to 30 December 2002
(the “Codified Agreement’), which was agreed between POL and Fujitsu
4 The relevant schedule governing how changes and amendments are made to the Horizon contract has
changed over time. In the Codified Agreement dated 28 July 1999 the relevant schedule is Schedule A05.
In the latest conformed major version of the Horizon contract (version 14.0) approved on 20 December
2021 the relevant schedule is Schedule A3
5 In Fujitsu's business it is common for it and its customers to create conformed versions of long-term
contracts. The purpose of conformance is to update the contract to reflect all or some of the variations
agreed to that contract. Each conformed version of the Horizon contract summarises in the version history
table at the outset of the document which agreed variations have been conformed into that version
Page 6 of 218
WITN06650400
WITN06650400
following the withdrawal of the DSS from the Pathway Programme in
May 1999.° As described in paragraphs 64 to 89 of the First Corporate
Statement, prior to this date, pilot releases of the Pathway Programme had
already been rolled out to around 200 branches, and preparation for national
rollout was in progress and subject to the completion of a contractual
acceptance process. The Codified Agreement was unusual in so far as it was
concluded part way through the development and testing stages of the
Systems Development Life Cycle ("SDLC”)’ of a system which had been
procured, designed and partially developed under a prior contract between
the parties.® In consequence, a number of the provisions of that earlier
contract were carried across into the Codified Agreement and provisions
were added to address the partial delivery of that system at the time of
contracting.
b. IThe Codified Agreement was amended on 31 December 2002 by CCN 1100
amongst other things to introduce a network banking application that was to
support the transaction of certain banking business in branches,® such as
cash deposits and withdrawals.'° There are seven major conformed versions
of the Horizon contract dating from 31 December 2002 to 15 August 2006,
each of which are substantially in the same format (together, the “Varied and
6 Further detail in relation to the Pathway Programme and the withdrawal of the Department of Health and
Social Security is provided in the First Corporate Statement
7 Expert Witness Report of Charles Cipione dated 14 September 2022, EXPG0000001, paragraph 3.7
® Agreement between POL and Fujitsu dated 15 May 1996, POL00028181
° FUJ00000899
10 See paragraph 2.6 of the Varied and Restated Agreements
Page 7 of 218
WITN06650400
WITN06650400
Restated Agreements”) and which are structured, presentationally at least,
quite differently to the Codified Agreement."'
c. CCN 1200,'? submitted on 23 August 2006, introduced certain variations to
the Horizon contract including changes to address the design, development,
testing and deployment of a new system, HNG-X, and the continued
maintenance of Legacy Horizon pending the migration of Post Office
branches to HNG-X. At the time of preparing this corporate statement, there
have been 15 major conformed versions of the Horizon contract since 31
August 2006, the final version of which was agreed between the parties
shortly before the submission of this corporate statement.'? Each of these 15
conformed versions (together, the “HNG-X Agreements’) are substantially
in the same format as one another.'4 This phase includes the subsequent
introduction of HNG-A. The development and delivery of HNG-A was
introduced pursuant to CCN 1600, submitted on 22 February 20161 and later
‘Codified Agreement dated 28 July 1999, FUJ00000071; Varied and Restated Agreements: FUJ00000074
(v 1.0 dated 31 December 2002); FUJ00000087 (v 2.0 dated 6 August 2003); FUJ00000079 (v 3.0 dated 5
November 2003); FUJ00000080; FUJ00000081 (v 5.0 dated 5 July 2005); FUJ00000082 (v 6.0 dated 30
November 2005); FUJ00000083 (v 7.0 dated 15 August 2006)
12 FUJ00000972
13 It is noted that the dates shown on the various documents comprising version 15.0 of the HNG-X
Agreement are the dates upon which the conformance exercise commenced for that part of the agreement.
Version 15.0 of the HNG-X Agreement was agreed between Fujitsu and POL on 6 May 2024
‘4 FUJ00000084 (v 1.0 dated 31 August 2006); FUJ00000085 (v 2.0 dated 24 January 2007); FUJ00000086
(v 3.0 dated 6 July 2007); FUJ00000075 (v 4.0 dated 14 April 2008); FUJ00000076 (v 5.0 dated 23 February
2009); FUJ00000077 (v 6.0 dated 7 July 2009); FUJ00000078 (v 7.0 dated 10 May 2010); FUJ00000068
(v 8.0 dated 21 February 2012); FUJ00000069 (v 9.0 dated 13 January 2014); FUJ00000070 (v 10.0 dated
10 September 2015); FUJ00000072 (v 11.0 dated 31 March 2016); FUJ00000073 (v 12.0 dated 3 July
2017); FUJ00000003 (v 13.0 dated 23 November 2020); FUJ00234786 (v 14.0 dated 20 December 2021);
Exhibit numbers 27 to 66 (v 15.0 agreed on 6 May 2024)
18 FUJ00001132
Page 8 of 218
WITN06650400
WITN06650400
conformed into version 11.0 of the HNG-X Agreements on or about 31 March
2016 by CCN 1604.'¢
10. The Horizon contract in each of these three phases contains provisions to address
the different stages of the SDLC. I refer to paragraph 3.7.2 of the Expert Witness
Report of Charles Cipione dated 14 September 2022 which contains a summary
of the various commonly used stages of the SDLC, being Planning, Analysis,
Design, Development, Testing, Deployment and Maintenance. Both Legacy
Horizon and Horizon Online were developed using the first four stages of the SDLC
before they were formally accepted into live service (Maintenance) following
Testing and Deployment. The majority of the Relevant Period concerns the
Maintenance stage of each system. The contractual and operational regimes for
managing BEDs in Horizon are different as between the Maintenance stage and
the prior stages. This statement is focussed on the contractual and operational
regimes for managing BEDs during the Maintenance stage of each system.
11. This corporate statement first addresses the Incident Management Obligations
within each of the three contractual phases (see paragraphs 12 to 170 below). It
then addresses the Privileged Access Obligations contained within each of these
three phases (see paragraphs 171 to 207 below). As requested by the Inquiry, a
summary of the measures that were put in place to address the Incident
Management and Privileged Access Obligations is also provided in each of these
two sections.
16 FUJ00001136
Page 9 of 218
WITN06650400
WITN06650400
THE INCIDENT MANAGEMENT OBLIGATIONS
12. For context, prior to the Maintenance stage of Horizon, there would have been
obligations and processes in place during the Development and Testing stages of
the SDLC to identify, investigate and resolve BEDs in new software prior to its
acceptance into live service and subsequent Deployment. However, as Mr Charles
Cipione noted in paragraph 3.7.2(g) of his Report, not all BEDs in the software can
be identified during Testing. Further, certain known BEDs may be accepted into
live service either with a workaround in place, or with the intention to develop a fix
in due course. For example, the release note for Core Service Release+ (“CSR+’),
which was rolled out to branches during the national rollout, sets out at Appendix
B the “Outstanding Issues’ to be resolved either (i) during the live pilot, (ii) through
the application of a resolution plan, or (iii) for “low impact’ issues, as part of a
maintenance release.'”
13. I The Relevant Obligations summarised below primarily relate to the performance
of “Operational Services” during the Maintenance stage of the Horizon system.
17 Release Note for CSR+ (CS/REN/003), FUJ00079484 (v 1.0 dated 24 October 2000)
Page 10 of 218
WITN06650400
WITN06650400
The Codified Agreement (28 July 1999 to 30 December 2002)1®
14. Pursuant to clause 106.3 (General Principles), the POCL Services and the POCL
Infrastructure was to be provided in accordance with, and comply with, all relevant
applicable industry standards, as listed in Schedule A2.
15. Under clause 201.2, Fujitsu was responsible, subject to certain qualifications, for
meeting POL’s requirements specified in Schedule A15 of the Codified Agreement,
in accordance with the ‘Solutions’ specified in Schedule A16 by performing the
‘Core System Services’ (i.e., those services specified in clause 201.3). Clause
201.2 goes on to clarify, however, that POL’s acceptance of the ‘Solutions’ in
Schedule A16 “shall not relieve [Fujitsu] of its obligation to meet such of those
requirements specified in Schedule A15...”.
16. In accordance with clause 201.3, Fujitsu was required to perform the ‘Core System
Services’ in accordance with all applicable provisions. The applicable provisions in
respect of the ‘Core System Services’ were set out in clause 405 under the heading
‘Performance of Operational Services’ and included the ‘POCL Infrastructure
Services’. In the context of the Codified Agreement, many of the contractual
obligations with which this corporate statement is concerned arose in connection
with the POCL Infrastructure Services. These services are then defined in more
detailed in Schedule G01 (POCL Infrastructure Service Definition).
18 Defined terms contained within this section that are not defined within this corporate statement take the
meanings given to them in the Codified Agreement
Page 11 of 218
WITN06650400
WITN06650400
17. An explanation of the Core System Services (or “Operational Services”) which
Fujitsu considers most applicable to the Incident Management Obligations is set
out at paragraphs 33 to 140 of this corporate statement. This explanation includes
a summary of the relevant contractual provisions in respect of each of these
Operational Services.
18. Under clause 702, in relation to the performance of POCL Services (defined as the
“Core System Services and all other obligations of [Fujitsu] under this Codified
Agreement’),'9 Fujitsu warranted and represented that (amongst other things):
a. “[t]he POCL Services shall be supplied and rendered by appropriately
experienced, qualified and trained personnel with all due skill, care and
diligence” (clause 702.1);
b. Obligations under the Codified Agreement would be discharged with “all due
skill, care and diligence including but not limited to good industry practice
and...in accordance with the best of its own established internal procedures”
(clause 702.2); and
c. “the POCL Services shall be performed in such a way as to cause minimum
disruption to the business of [POL] and the End Users [i.e. postmasters]”
(clause 702.8).
19. Under clause 703, in relation to the performance of Products (defined as including
the “Core System Products and any Optional Products and Additional Products
18 Codified Agreement, Schedule A01, FUJ00000071
Page 12 of 218
WITN06650400
WITN06650400
and any [POL] Consumables”),?° Fujitsu warranted and represented that (amongst
other things) “...a// components of the POCL Service Infrastructure shall operate
in accordance with their respective specifications...” (clause 703.2).
20. Under clause 705, in relation to Technical Standards, Fujitsu warranted and
represented that (amongst other things) “the POCL Services shall comply with,
and be provided in accordance with, the policies and standards specified in
Schedule A2 and all components and equipment used in the course of the
provision of the POCL Services shall operate in accordance with their technical
specifications” (clause 705.1).
21. The Codified Agreement contains provisions regarding the Acceptance of the
system following Testing and Live Trials prior to its national rollout to Post Office
branches. Out of these stages, three supplemental agreements to the Codified
Agreement were agreed between Fujitsu and POL on 20 August 1999,
24 September 1999 and 19 January 2000, respectively (collectively, the
“Supplemental Agreements’, individually the “First/Second/Third
Supplemental Agreement’, respectively).
22. The Supplemental Agreements are described in more detail in paragraphs 124 to
140 of the First Corporate Statement. At the request of the Inquiry, those
descriptions are not repeated in this corporate statement; however, I note in
particular that:
20 Codified Agreement, Schedule A01, FUJ00000071
Page 13 of 218
WITN06650400
WITN06650400
a. Amongst the Acceptance Incidents described in Part B of Schedule 1 to the
Second Supplemental Agreement were (i) Al 376, which led to the
introduction of the “TIP Integrity Checking Period”, and (ii) Al 408, which
related to the performance of the Service Desk Service. For further detail on
the Acceptance Incidents addressed by the Second Supplemental
Agreement and their rectification plans, see paragraphs 126 to 133 and
Appendix 2 of the First Corporate Statement.
b. At the time of the Second Supplemental Agreement, CCN 562 was issued.?'
CCN 562 amended Schedule G01 of the Codified Agreement, by adding a
new paragraph 3.6 which addressed, amongst other things, data errors and
discrepancies and how the same were reported to POL. CCN 562 also
amended the resolution plan for Al 376 set out in Schedule 2 to the Second
Supplemental Agreement.
c. The Third Supplemental Agreement amended the Codified Agreement and
introduced, amongst other things, further changes to Helpdesk and to the
reconciliation and integrity control processes. As noted in paragraph 134 of
the First Corporate Statement, the Third Supplemental Agreement required
that, amongst other things, POL and Fujitsu continue co-operating in order
to, (i) comply with obligations in relation to the Service Desk Service, (ii)
develop operational procedures to support the accounting integrity control
over the TIP interface, (iii) introduce new and detailed processes in relation
21 FUJ00000496, dated 28 July 1999
Page 14 of 218
WITN06650400
WITN06650400
to TIP data transfer rules, and (iv) improve end to end management of
Reference Data over the Core System. Further detail on the provisions of the
Third Supplemental Agreement is set out in paragraphs 134 to 140 of the
First Corporate Statement.
Varied and Restated Agreements (31 December 2002 to 15 August 2006)
23. As noted above, when introducing the Network Banking solution to the Horizon
system, in 2002 the format of the Horizon contract was restructured and amended
by CCN 1100. It became, with effect from 31 December 2002, the Varied and
Restated Agreement.
24. Under the Varied and Restated Agreements, as with the Codified Agreement,
many of the Incident Management Obligations arose in connection with the
performance of Operational Services by Fujitsu.
25. In accordance with clause 1 (Performance of Services), Fujitsu was required to
perform specified services, including, of most relevance, Operational Services “in
accordance with all applicable provisions hereof’ (clause 1.1.1). Schedule 19 set
out the Operational Services that were to be performed by Fujitsu. Many of them
corresponded with the Operational Services specified in the Codified Agreement
phase.
26. A table of the Operational Services then in place was set out in Schedule 19 of the
Varied and Restated Agreements along with (i) a brief description of each of those
services, and (ii) the CCDs that contain the service description for each of the
Page 15 of 218
27.
WITN06650400
WITN06650400
Operational Services that were to be performed. An explanation of the Operational
Services which Fujitsu considers most applicable to the Incident Management
Obligations is set out at paragraphs 33 to 140 of this corporate statement. This
explanation includes a summary of the relevant contractual provisions in respect
of each of these Operational Services.
In addition to the obligations in relation to the specific Operational Services
described above, Fujitsu gave a number of general undertakings in the Varied and
Restated Agreements. Amongst other things, Fujitsu undertook:
a. _ that the Services (including the Operational Services, amongst others) would
comply with, and be provided in accordance with, the policies and standards
specified in Schedule 2 and “all components and equipment used in the
course of the provision of the Services shall operate in accordance with their
technical specifications” (clause 9.1.1);
b. to “discharge its obligations under this Agreement with all due skill, care and
diligence, including but not limited to good industry practice and... in
accordance with the best of its own established internal procedures’ (clause
9.2.2);
c. _ to “provide the Operational Services using the Applications functioning on the
Horizon Service Infrastructure” (see clause 9.2.5);
Page 16 of 218
28.
29.
WITN06650400
WITN06650400
d. that “the interfaces to all external systems connected to the Horizon Service
Infrastructure shall operate in accordance with the applicable AIS and TIS”
(clause 9.2.6);
e. to perform the Services “in such a way as to cause a minimum of disruption
to the business of Post Office and the End Users” (clause 9.2.7); and
f. that “...all components of the Horizon Service Infrastructure shall operate in
accordance with their respective specifications, except that, for the avoidance
of doubt, it is agreed that Post Office shall have no remedy for breach of this
undertaking in relation to errors or interruptions to Services which cause a
failure of a SLT or an ARL” (clause 9.3.1).
Schedule 17 (Infrastructure) provided an overview of the Horizon Service
Infrastructure and the Infrastructure Services that Fujitsu was required to provide
to POL in order to deliver the Applications and thereby provide the Services (see
paragraph 1.1).
Schedule 18 (Application Management) recorded and specified the Applications
used by Fujitsu to provide the Services to POL. Pursuant to clause 1.2 of
Schedule 18, Fujitsu was required to operate and maintain each Application listed
therein in accordance with the relevant specifications for each Application, all
relevant CCDs and all relevant Service Levels.
Page 17 of 218
WITN06650400
WITN06650400
HNG-X Agreements (31 August 2006 to Present)
30. As noted above, the Horizon contract was restructured to address the
Development, Testing and Deployment of HNG-X and the Maintenance of Legacy
Horizon while the Deployment of HNG-X took place. Version 1.0 of the HNG-X
Agreements was effective from 31 August 2006. Whilst it has been amended from
time to time, the structure has remained substantially the same across the 15 major
conformed versions of the Horizon contract relevant to HNG-X.
31. I Under clause 15 of the HNG-X Agreements (Service Standards), Fujitsu undertook
that (amongst other things):
a. “the Services, the HNG-X Development and the Associated Change
Development shall comply with, and be provided in accordance with, the
policies and standards specified in Schedule A4 and all components and
equipment used in the course of the provision of the Services shall operate
in accordance with their technical specifications” (clause 15.1.1);
b. “the Infrastructure, the PostShop Infrastructure, the Horizon Applications, the
Business Capabilities and the Support Facilities shall be provided in
accordance with and comply with all relevant applicable industry standards,
as these standards are listed in Schedule A4” (clause 15.1.3);72
22 In v 7.0 of the HNG-X Agreements dated 10 May 2010, the reference to ‘PostShop Infrastructure’ is
amended to ‘Superstock Infrastructure’. In v 12.0 of the HNG-X Agreements dated 3 July 2017, reference
to ‘Superstock Infrastructure’ was removed from this clause
Page 18 of 218
WITN06650400
WITN06650400
c. “the Services, the HNG-X Development and the Associated Change
Development shall be supplied and rendered by appropriately experienced,
qualified and trained personnel with all due skill, care and diligence” (clause
15.1.4);
d. Fujitsu would discharge its obligations under the HNG-X Agreements with “a//
due skill, care and diligence including but not limited to good industry practice
and... in accordance with the best of its own established internal procedures”
(clause 15.1.5); and
e. “the Services shall be performed in such a way as to cause a minimum of
disruption to the business of Post Office and the End Users [i.e. postmasters]”
(clause 15.1.8).
32. Table A of Schedule B3.1 of the HNG-X Agreements contained the Operational
Services to be delivered by Fujitsu and included (i) a brief description of each of
those services, (ii) the initial CCDs that contain the service description for each of
the services that were performed for Legacy Horizon, and (iii) the new CCDs due
to come into force for each service to be performed for HNG-X following a specified
“Trigger Event”.
OPERATIONAL SERVICES RELATING TO THE INCIDENT MANAGEMENT
OBLIGATIONS
33. Set out in this section of the corporate statement are explanations of the key
contractual obligations relating to those Operational Services which Fujitsu
Page 19 of 218
WITN06650400
WITN06650400
considers to be most relevant to the Incident Management Obligations over time.
The relevant paragraphs for these Operational Services are set out in the table
below:
Operational Service Paragraphs
1. Service Desk Service 35-53
2. Engineering Service 54-66
3. Third Line Support Service 67-76
4. Fourth Line Support Service?° 77-85
5. Service Management Service 86-100
6. Systems Management Service 101-112
7. Management Information Service 113-127
8. Reconciliation Service 128-140
34. In addition to the Operational Services listed above, I understand that there are
other Operational Services which are also relevant to the Incident Management
Obligations but to a lesser degree. These include the Branch Network Service?*
23 Although Fourth Line of Support was classified as a ‘Development Service’ in the Codified Agreement
and Varied and Restated Agreements, it is convenient to deal with it under the heading Operational
Services, together with the other relevant services
24 Not defined as a separate service until the HNG-X Agreements (see Table A in paragraph 2 of Schedule
B3.1). The relevant CCD for the Branch Network Service was listed in Table A as ‘Branch Network Service:
Service Description’ with internal reference SVM/SDM/SD/0011: FUJ00079996 (v 1.0 dated 31 August
2006); FUJ00080023 (v 2.0 dated 28 February 2007); FUJ00080074 (v 3.0 dated 10 June 2009);
FUJ00080087 (v 4.0 dated 4 March 2010); FUJ00080252 (v 5.0 dated 25 November 2013); FUJ00080294
(v 6.0 dated 9 May 2014); FUJ00080384 (v 7.0 dated 24 July 2017); FUJ00080400 (v 8.0 dated 5 March
2018)
Page 20 of 218
WITN06650400
WITN06650400
and the Central Network Service.”5 The relevant Incident Management Obligations
for these services and associated CCDs are footnoted to this paragraph.
Service Desk Service
35. I The Service Desk, which was also known at various times as the Horizon Systems
Helpdesk (HSH) or Horizon Service Desk (HSD) (the “Service Desk”), was first
established in May 1996 as part of the Pathway Programme as an initial point of
contact for postmasters in need of support. The service continued from May 1999
under the various versions of the Horizon contract described above until POL
introduced a towers model following which, on or around 2 July 2014, the Service
Desk Service was transferred to a third-party provider, Atos.7°
Codified Agreement (28 July 1999 to 30 December 2002)
36. I Under Schedule A01 of the Codified Agreement, the Service Desk was defined as
“[t]he initial point of call for Users in need of support relating to the POCL Services”.
The relevant Requirements for the Service Desk Service were Requirements 521
to 529 and 914, which were set out in Schedule A15. The corresponding sections
of Schedule A16 contained Fujitsu’s ‘Solutions’ and POL’s comments on those
solutions. Pursuant to clause 201.2 of the Codified Agreement, Fujitsu was
25 Not defined as a separate service until the HNG-X Agreements (see Table A in paragraph 2 of Schedule
B3.1). The relevant CCD for the Central Network Service was listed in Table A as ‘Central Network Service:
Service Description’ with internal reference SVM/SDM/SD/0012: FUJ00002028 (v 1.0 dated 31 August
2006); FUJ00232609 (v 2.0 dated 26 May 2009); FUJ00002118 (v 3.0 dated 21 January 2010);
FUJ00232653 (v 4.0 dated 16 December 2013); FUJ00002568 (v 5.0 dated 13 February 2014);
FUJ00002574 (v 6.0 dated 14 May 2014); FUJ00003152 (v 7.0 dated 30 November 2016); FUJ00003254
(v 8.0 dated 15 September 2017); FUJ00003331 (v 9.0 dated 10 May 2018); FUJ00003460 (v 10.0 dated
4 February 2021); FUJ00003472 (v 11.0 dated 14 October 2021); FUJ00235000 (v 12.0 dated 29 June
2023); FUJ00235001 (v 13.0 dated 3 May 2024)
28 CCN 1409a, FUJ00001104, raised on 5 March 2014
Page 21 of 218
WITN06650400
WITN06650400
responsible (subject to certain qualifications) for meeting the Requirements
specified in Schedule A15 in accordance with the ‘Solutions’ specified in Schedule
A16 by performing the Core System Services (i.e., those services specified in
clause 201.3, as described above). These Requirements and Solutions stated,
amongst other things, that:
a. Fujitsu was required to “provide one telephone number as a single point of
access to all Help Desk Services” (Requirement 521, Schedule A15).
Fujitsu’s Solution noted that “[Fujitsu] intends that the Horizon System
Helpdesk will be provided with a single telephone number’ (Reference 521,
Schedule A16).
b. — Fujitsu’s “support services will provide all appropriate support necessary to
ensure the continuous and efficient operation of the POCL Infrastructure
Service at all times from day 1” (Reference 523, Schedule A16).
c. The Service Desk would “deal with all calls relating to the operation,
configuration and end-user [postmaster] support of counter terminal
equipment, their operating systems software, application software and
processes”. Requests for support would be “categorised according to type
such as hardware, software, network, advice & guidance, configuration, etc”.
The Service Desk would provide “problem and fault diagnosis and [would]
control any necessary hardware or software maintenance activities”
(Reference 524, Schedule A16).
Page 22 of 218
WITN06650400
WITN06650400
d. The Service Desk would be “staffed by fully trained, qualified and
experienced personnel operating according to agreed procedures and within
agreed service performance levels” (Reference 527, Schedule A16).
e. Fujitsu’s Solution to Requirement 914 documented the “key service
characteristics” of the Service Desk Service. These included the three levels
of service: (i) Level 1 calls were described as “those which were relatively
simple and straightforward to explain and diagnose and which can be fully
resolved in less than 10 minutes” (paragraph 2.2.1), (ii) Level 2 calls were
“generally more complex problems and potential faults” which would typically
“take less than 30 minutes to resolve but in extreme cases may take longer,
up to 45 mins” (paragraphs 2.3.1 and 2.3.3), and (iii) Level 3 service was
invoked when the call could not be “fully resolved wholly’ within Service Desk
but required “escalation either to a higher level of technical support or to an
engineer to perform a maintenance visit’. In practice, the Software Support
Centre team (“SSC”) provided Third Line Support. The key service
requirements also covered hours of service (paragraph 2.5), problem
management (paragraph 2.6), resilience (paragraph 2.8), training (paragraph
2.9), personnel (paragraph 2.10), service targets (paragraph 2.11), and
service monitoring (paragraph 3).
37. I Under Schedule A08, ICL Sorbus Limited (“ICL Sorbus”), a Fujitsu subsidiary, was
listed as being the subcontractor responsible for the “Operation of Horizon System
Help Desk and Service Management Centre.” References to ICL Sorbus were
removed from the Varied and Restated Agreements.
Page 23 of 218
WITN06650400
WITN06650400
As explained above, the relevant Core System Services were the Operational
Services pursuant to clause 405 and, specifically, the POCL Infrastructure
Services, which were to be provided in accordance with the provisions of
Schedule G01 (POCL Infrastructure Service Definition). The Service Desk is
addressed in section 6 of Schedule G01, which noted by way of example:
a. “The first level Service shall provide an immediate problem solving service
for all simple and straightforward problems, which can be resolved within five
(5) minutes, and all general enquiries” (paragraph 6.3.1.1).
b. “The second level Service shall provide a diagnostics and fixing service for
all problems which cannot be fixed within five (5) minutes by the first level
Service, but which can be resolved within thirty (30) minutes”
(paragraph 6.3.2.1).
c. “[Fujitsu] shall provide a problem management system to record the problem
details...” (paragraph 6.4.1). Paragraph 6.4 then provides further detail in
relation to how problems were to be recorded.
d. “[Fujitsu] shall, on request, provide on-line access to the problem
management system...” (paragraph 6.9.5).
e. “[Fujitsu] shall retain Horizon System Helpdesk records for a minimum of
eighteen (18) months” (paragraph 6.9.3).
As explained above, in addition to provisions in the Horizon contract, the
contractual relationship between POL and Fujitsu is also governed by CCDs. In
Page 24 of 218
WITN06650400
WITN06650400
this regard, version 4.0 of the Horizon System Help Desk Call Enquiry Matrix (with
internal reference CS/FSP/002, the “Call Enquiry Matrix”) dated 28 July 1999 was
introduced. The Call Enquiry Matrix stated:
a. “The Horizon System Helpdesk provides a the [sic] single contact point for all
technical problems arising within the [Fujitsu] operating domain, from outlets,
[POL] and its clients where there are links into the ICL Pathway systems and
for reconciling data or information across those links as business incidents”.
b. Categories of incident, which included (amongst others) hardware incidents,
software incidents, network incidents, various operation incidents, advice and
guidance, documentation incidents and security incidents.
c. Version 4.0 introduced, for the first time, cash account balance incidents
(under the heading ‘PO Training’). These incidents were described as
relating to “training incidents arising from Wednesday's cash account balance
activities. These incidents typically fall outside the normal 5/10 minute A&G
calls’. The Call Enquiry Matrix explained that “[t]his service is designed to
assist the outlet staff with areas that they are unfamiliar with but are not
considered to be purely advice and guidance”.
The inclusion of cash account balance incidents in the Call Enquiry Matrix at this
time corresponded with the Horizon Live Trial in May 1999, which introduced into
branches, for the first time, cash accounting functionality as part of the EPOSS
service aspect of the Core System Release (there was no cash accounting
Page 25 of 218
WITN06650400
WITN06650400
functionality in the pilot releases 1A, 1B and 1C, as described in more detail in
paragraphs 64 to 89 of the First Corporate Statement).2”
41. As explained above, in the months following signature of the Codified Agreement,
the Supplemental Agreements were agreed between POL and Fujitsu. Each of the
Supplemental Agreements included provisions relevant to the operation of the
Service Desk. Further detail in relation to the Supplemental Agreements is set out
in paragraphs 124 to 138 of the First Corporate Statement.
42. Pursuant to paragraph 6 of Schedule 1 of the Third Supplemental Agreement,
Fujitsu and POL entered into an interface agreement to demarcate the
responsibilities between the Helpdesk and the ‘NBSC’, or Network Business
Support Centre. The NBSC was a POL-operated helpline introduced by CCN 441b
raised on 4 October 1999 to “provide [POL] users with additional support for new
and changed business processes during Live Trial’.2® Version 1.0 of the CCD
entitled “[FujitsuJ{POL] Interface Agreement for the NBSC and HSH Interface”
dated 25 February 2000 (with internal reference CS/IFS/007, the “Service Desk
Interface Agreement”) contained a “Responsibility Matrix” that specified which
types of incidents were the responsibility of POL’s Network Business Support
Centre (“NBSC”) and those which were the responsibility of Fujitsu’s Service
Desk.22 Amongst other things, this interface agreement stated that:
27 ICL Pathway Core System Release Contents Description (PA/STR/012), FUJ00078801 (v 1.0 dated 25
June 1999), section 1.4
28 FUJ00000407
29 FUJ00080405
Page 26 of 218
WITN06650400
WITN06650400
Service Desk was responsible for “informing NBSC of any known issues or
problems which may cause incidents to be logged or cause an exceptional
increase in call volumes at NBSC” (section 6.2(a)). NBSC was subject to a
corresponding obligation (section 6.1(a)).
Service Desk and NBSC were required to cooperate with each other fully “in
the resolution of complex appropriate incidents. A complex appropriate
incident is defined as “an incident that requires both NBSC and HSH action
to resolve the incident” (section 6.1(i) and section 6.2(i)). They were also
“responsible for accepting and logging undefined incidents’, which the
interface agreement defined as those incidents not listed in the Responsibility
Matrix at section 11 (sections 6.1(j) and 6.2(j)).
If a postmaster needed support when completing their cash account, Service
Desk was the first point of contact. In the first instance, Service Desk was to
assist the postmaster using scripts. If this resulted in a “cash account
discrepancy’, then the Service Desk was responsible for assisting the
postmaster in the correction of the discrepancy. If the Service Desk was
unable to resolve it, the postmaster was to be referred to the NBSC for
approval to accept the discrepancy (Schedule 11, under the heading “needs
support when completing cash account’).
If a postmaster was unable to complete their cash account, the Service Desk
was the first point of contact. Where the cash account could not be
Page 27 of 218
WITN06650400
WITN06650400
completed, the Service Desk was to refer the postmaster to the NBSC
(Schedule 11, under the heading “cannot complete cash account’).
e. In relation to EPOSS discrepancies, the Service Desk was responsible for
assisting the postmaster in the correction of the discrepancy. If the Service
Desk was unable to resolve it, the postmaster was to be referred to the NBSC
for approval to accept the discrepancy (Schedule 11, under the headings
“[hjas an EPOSS discrepancy (Daily)’ and “[hjas an EPOSS discrepancy
(Weekly)”).
43. At around the same time, Fujitsu produced version 1.0 of the process document
entitled ‘CSR+ Horizon System Helpdesk Processes and Procedures Description’
(with internal reference CS/PRO/092) dated 11 February 2000. This document was
classified as a Processes and Procedures Description (“PPD”),°° which is said to
have provided “a description of all the processes involved in order to enable the
contractual agreement of operations and to be a source from which authors can
develop any further user documentation needed”.*' In particular, the CSR+
Horizon System Helpdesk PPD noted:
3° By way of background, PPDs were introduced pursuant to Requirement 481 in Schedule A15 of the
Codified Agreement. Fujitsu’s Solution in Schedule A16 stated: ‘[Fujitsu] will provide a set of PPDs that
define the OPS operating procedures for use by staff at post offices. The PPDs will include processes for
transactions, accounting, balancing, stock taking and action to be taken [during an] emergency such as a
system failure. [Fujitsu] will cooperate with [POL] to allow [POL] to include instructions from the PPDs in
the [POL] operations manuals and other operational instructions for Users”.
31 FUJ00080403, this PPD was amended from time to time; See also FUJ00080407 (v 2.0 dated 12
September 2000); FUJ00001498 (v 3.0 dated 12 December 2000), FUJ00001579 (v 4.0 dated 20
September 2001). Significant changes were introduced at the time of FUJO0001761 (v 5.0 dated 25 March
2003); these are dealt with separately below.
Page 28 of 218
WITN06650400
WITN06650400
a. By way of overview that the Service Desk provided POL with “a single point
of contact for dealing with all problems relating to the Horizon system
procedures and the Horizon system installed in outlets, and also for OBCS
[Order Book Control Service] fallback encashments. Additionally it provides
a single point of contact for operational issues concerning the Horizon system
from pre-determined sources within [POL]” (section 3); and
b. The types of calls the Service Desk would field, many of which reflected those
described in the Call Enquiry Matrix set out above (section 5).
44. POL had a “business vision of a single point of contact’.*2 The first phase to
support this vision was introduced by CCN 777b raised on 19 July 2001.5° The
details of the change are stated in CCN 777b to have been that POL wished “to
move from two helpdesk telephone numbers to one utilising their NSBC as a SPoC
[single point of contact] utilising a BT Intelligent Call Router (ICR) system to route
the callers to either the HSH or NSBC depending on the time of enquiry, to enable
a seamless operation”. CCN 777b envisaged consequential amendments to the
Codified Agreement (specifically paragraphs 4.3 and 6.12.1 of Schedule G01, and
an amendment to the definition of single point of contact in Schedule A01).
45. In September 2002, Fujitsu proposed to reduce Service Desk calls and service
levels. In its ‘Proposal to Post Office Ltd for Extension of the Horizon Contract’
32 See the discussion in CCN 1016a, FUJ00000875, raised on 29 October 2002
33 FUJ00000684, raised on 19 July 2001
Page 29 of 218
WITN06650400
WITN06650400
dated 18 September 2002 (with internal reference BD/PRP/008, the “Fujitsu
Proposal”):*4
a. Fujitsu proposed the introduction of the Technical Service Desk “which will
be responsible for the monitoring and control of all calls relating to Network
Banking, whatever domain the calls come from” (see the Fujitsu Proposal).
b. Fujitsu proposed, amongst other things, that the Service Desk should provide
“[nJo advice and guidance calls (these calls will be taken by the Post Office
Help Desk - only technical support (fault reporting and resource co-
ordination) service will be provided... The effect of these changes, combined
with the implementation of SPOC2 and the implementation of the Technical
Service Desk, will reduce Help Desk Calls..."° The reference to ‘SPOC2’
was to the second phase of POL’s vision of a single point of contact referred
to above.
c. Fujitsu acknowledged that its staff were, at that time, responsible for handling
situations such as, investigating “issues where the financial integrity of the
Horizon system has been put in doubt by end-user claims of lost transactions,
lost stock or cash account misbalance”.*© Fujitsu proposed withdrawing this
service and replacing it with a single Fujitsu Problem Manager who would
liaise with POL central staff; “[t]he shared problem management database
will continue to be updated by the Fujitsu Services Problem Manager but pro-
34 FUJ00232510 (v 1.0)
35 FUJ00232510 (v 1.0), paragraph 5.3.1
36 FUJ00232510 (v 1.0), paragraph 5.3.5
Page 30 of 218
WITN06650400
WITN06650400
active problem management by Fujitsu Services at postmaster level will
cease”.97
46. These changes to the Service Desk were introduced, in part, by CCN 1016a in
October 2002, which envisaged consequential amendments to some of the
Schedules to the Codified Agreement, notably Schedules A15, A16, G01, G10 and
NO5.°6
47. Following the introduction of CCN 1016a in October 2002, the scope of the Service
Desk was reduced in material respects. CCN 1016a summarised the changes as
follows:
“Currently the NBSC resolves [POL] business related calls and the HSH
resolves calls surrounding the operation of the Horizon kit and calls relating
to hardware, software and network problems.
The introduction of SPoC 2 would result in the HSH only resolving
hardware, software and network problems, for example “my printer has
broken”, together with any environmental and security issues. The NBSC
would then resolve any calls where outlets require advice or guidance in
using the Horizon system, for example “how do I input bureau transaction
to the system.” These calls are currently categorised as Advice & Guidance,
cash accounting or training’.
37 FUJ00232510 (v 1.0), paragraph 5.3.5
38 FUJ00000875
Page 31 of 218
WITN06650400
WITN06650400
48. According to CCN 1016a, under the revised process, when placing a call, the
branch would be directed by the telephony which was in POL’s domain. All advice
and guidance type calls received at any time by the Service Desk would be referred
to the NSBC and logged as “inappropriate” by the Service Desk. The Service Desk
would only provide technical support on system issues.
Varied and Restated Agreements (31 December 2002 to 15 August 2006)
49. Asnoted above, clause 1 of the Varied and Restated Agreements required Fujitsu
to perform the Operational Services, “in accordance with all applicable provisions
thereof’. Schedule 19 set out the Operational Services that were to be performed
by Fujitsu, which included (amongst others) the ‘Horizon Systems Help Desk
Service’, defined as, “[t]he provision of first and second line support to Post Office
Branches and other designated groups through the provision of a support desk
function”. The corresponding CCD was the ‘Horizon Systems Helpdesk: Service
Description’ (with internal reference CS/SER/002), which is addressed in more
detail in paragraphs 39 to 49 of the Second Corporate Statement.
50. The reduced scope of the Service Desk was reflected in substantial amendments.
to the CSR+ Horizon System Helpdesk PPD (with internal reference
CS/PRO/092), incorporated into version 5.0, dated 25 March 2003.°9 The ‘Service
Desk Interface Agreement’ (with internal reference CS/IFS/007) was also
amended to reflect the reduced scope of the Service Desk, such that version 4.0,
39 FUJ00001761
Page 32 of 218
WITN06650400
WITN06650400
dated 1 July 2003, no longer included cash account in the Responsibility Matrix
(contained in Appendix A).4°
HNG-X Agreements (31 August 2006 to Present)
51. In relation to the HNG-X Agreements, Schedule B3.1 sets out at paragraph 2 a
table listing the Operational Services which Fujitsu was required to perform,
including in row 1 the ‘Service Desk Service’, described as ‘[t]he provision of first
and second line support to Post Office Branches and other designated groups
through the provision of a support desk function” (following the description of the
‘Horizon Systems Help Desk Service’ contained in the Varied and Restated
Agreements.
52. The ‘New CCD’ for the Service Desk was identified as the ‘Service Desk Service:
Service Description’ (with internal reference SVM/SDM/SD/0001), 41 which
replaced the ‘Horizon Systems Helpdesk: Service Description’ (with internal
reference CS/SER/002) when it came into effect at “Trigger Point T2 (Service Desk
Change)”.*2 The content of the ‘Service Desk Service: Service Description’ is
addressed in more detail in paragraphs 39 to 49 of the Second Corporate
Statement.
40 FUJ00080444
41 FUJ00080457 (v 1.0 dated 31 August 2006); FUJ00080471 (v 2.0 dated 29 September 2008);
FUJ00080475 (v 3.0 dated 20 August 2010); FUJ00080477 (v 4.0 dated 16 September 2010);
FUJ00080483 (v 5.0 dated 29 April 2013); FUJ00080484 (v 6.0 dated 12 March 2014)
42 HNG-X Agreements, Schedule B3.1, Table A, paragraph 2
Page 33 of 218
WITN06650400
WITN06650400
53. Pursuant to CCNs 1409 and 1409a, from 2 July 2014, Fujitsu ceased to provide
the Service Desk Service.*? This change is reflected in version 10.0 of the HNG-
X Agreements dated 10 September 2015 and onwards, with Schedule B3.1 noting
that, following the introduction of POL’s towers model, the Service Desk Service
ceased to be a service provided by Fujitsu “as of the 2 July 2014, with the
transfer of responsibilities for the Service Desk transferring to the Next Supplier on
the 16 June 2014”.
Engineering Service
54. The Engineer or Engineering Service (“Engineering Service”) comprised an
onsite replacement or repair service for Horizon equipment at Post Office branches
and other designated locations, together with associated support and
administrative functions (for example, training centres and the NBSC).44 The
Engineering Service was provided, in some form, from Release 1A of the Fujitsu
Services in 1997,4 until 31 March 2015 when Fujitsu ceased to provide the
Engineering Service.*° A more detailed description of the Engineering Service is
set out in paragraphs 91 to 96 of the Second Corporate Statement.4”
Codified Agreement (28 July 1999 to 30 December 2002)
55. The provision of the Engineering Service was a requirement under Schedule A15
of the Codified Agreement. In particular, Requirement 468 dealt with engineering
43 CCN 1409a, FUJ00001 104, raised on 5 March 2014; CCN 1409, FUJ00232668, raised on 5 March 2014
44 FUJ00001802 (v 2.0 dated 15 May 2003); FUJ00002545 (v 6.0 dated 29 October 2013)
45 ICL Pathway Re-plan Proposal (CR/PLA/0001), POL00028185 (v 2.2 dated 18 March 1997)
48 CCN 1423c, FUJ00001116, raised on 18 August 2015
47 Second Corporate Statement of Fujitsu Services Limited, FUJ00126035, paragraphs 91 to 96
Page 34 of 218
WITN06650400
WITN06650400
visits to “POCL Infrastructure” and noted that “[mJaintenance and repair of the
elements of the POCL Service Infrastructure used to provide OPS involving onsite
attendance at POCL Premises by the Contractor's engineers shall not interfere
unduly with the ability of an Outlet to serve Customers, even where Outlets have
a single Counter Position and/or extremely limited physical space”.
56. The corresponding section of Schedule A16 contains Fujitsu’s Solution to
Requirement 468, which stated that:
a. Hardware “platform and associated peripherals have been chosen with
minimum maintenance in mind. All faults will be diagnosed with the aid of
expert systems by the Horizon System Helpdesk and it is anticipated that
fewer than 25% of calls will require a visit by a field engineer to replace an
unserviceable component. It is our experience that the majority of visits will
be completed within 20 minutes of arrival’.
b. _ It further clarified that “a postmaster may elect to defer a visit to a time which
he believes is more convenient for himself and his customers’.
Varied and Restated Agreements (31 December 2002 to 15 August 2006)
57. As noted above, clause 1 of the Varied and Restated Agreements required Fujitsu
to perform the Operational Services, “in accordance with all applicable provisions
thereof’. Schedule 19 set out the Operational Services that were to be performed
by Fujitsu. The Operational Services included (amongst others) the ‘Engineer
Service’, defined as, “an on-site replacement or repair service for broken or faulty
Page 35 of 218
WITN06650400
WITN06650400
equipment at Branches together with associated back-up, support and
administrative functions’. The corresponding CCD was the ‘Engineer Service:
Service Description’ (with internal reference CS/SER/005) (the “Horizon Engineer
Service Description’).4°
58. Pursuant to section 1.1.1 of the Horizon Engineer Service Description, the
Engineer Service was defined as “an on-site replacement or repair service for
broken or faulty Horizon equipment at Post Office Branches and other designated
locations.” The Engineering Service had no direct involvement with software
issues. However, in relation to network and system failures, the service definition
noted that:
a. “[u]pon determining that a fault has occurred, the Post Office Branch will
contact the HSH, providing as much detail concerning the nature of the fault
as possible” (section 3.1.1);
b. “[w]here appropriate the HSH will complete diagnostic checks to attempt to
resolve the fault prior to committing a Support Engineer to attend the Post
Office Branch. The Post Office Branch will be asked to participate in this
diagnostic check where possible” (section 3.1.2);
c. “[i]f the fault cannot be cleared and service cannot be restored following the
initial diagnostic checks, the HSH will obtain detail of the access times to the
Post Office Branch, which are not necessarily linked to Post Office Branch
48 FUJ00001732 (v 1.0 dated 19 December 2002); FUJO0001802 (v 2.0 dated 15 May 2003)
Page 36 of 218
59.
WITN06650400
WITN06650400
opening times, and a visit by a Support Engineer will be scheduled in
accordance with the severity of the incident (Priority A or Priority B) and the
location of the Branch (Local, Intermediate or Remote). Definitions of Priority
and Local, Intermediate or Remote locations are set out in Schedule 15”
(section 3.1.3);
d. {tlhe Support Engineer will assess and seek to diagnose the Horizon
equipment fault and where possible, will rectify the fault through simple
adjustment, reconnection, cleaning or advice to Post Office Branch
personne’ (section 3.1.7); and
e. “[w]here there is a hardware fault involving a faulty component the Support
Engineer will exchange that faulty component with a replacement’ (section
3.1.8).
The services that were rendered by the Engineering Service regarding
communications outages were set out in section 3.6 of the Horizon Engineer
Service Description, under ‘Transaction Recovery’, and included that:
a. “When the ISDN line is not available at a Branch or a Fujitsu Services Support
Engineer (or other suitably qualified person authorised by Fujitsu Services)
will visit that Branch (a “Recovery Visit”) and connect the working gateway
PC with the Data Centre via an ISDN emulator, a Support Engineers laptop
(configured to communicate with the Data Centre via PSTN), and the
Branch’s existing PSTN line”;
Page 37 of 218
WITN06650400
WITN06650400
b. “Connection with a Data Centre will be achieved using the ISDN emulator in
such a way that the Branch gateway PC communicates with that Data Centre
as if it was using an ISDN line. Such connection shall be achieved using a
free phone telephone number’;
c. “Once communication has been established between a Branch and a Data
Centre (via ISDN emulator, laptop and PSTN line) normal two-way Riposte
message replication will occur. This will result in both delivery of Transaction
data to the Data Centre and delivery of Reference Data changes and OBCS
Stop List changes to the Branch’.
60. Version 3.0 of the Horizon Engineer Service Description dated 15 May 2003
contained an update to provide for “exceptional service availability’ in relation to
the Engineering Service, whereby services would be provided outside the Service
Availability hours, “to provide on site engineering support for Exhibitions, Displays
or Conferences”.*°
HNG-X Agreements (31 August 2006 to Present)
61. In relation to the HNG-X Agreements (versions 1.0 to 14.0, dating from 31 August
2006 to present), Schedule B3.1 set out at paragraph 2 a table listing the
Operational Services which Fujitsu was required to perform, including in row 2 the
‘Engineering Service’, described as “an on-site replacement or repair service for
49 FUJ00001802
Page 38 of 218
WITN06650400
WITN06650400
broken or faulty Equipment at Branches together with associated back-up, support
and administrative functions” .
62. The ‘New CCD’ for the Engineer Service was identified as the ‘Engineering
Service: Service Description’ (with internal reference SVM/SDM/SD/0002) (the
“HNG-X Engineering Service Description”), which became applicable from
“Trigger Point T1 (Amendment Date)” .5°
63. In line with the Horizon Engineer Service Description, the HNG-X Engineering
Service Description also divided the service into “[o]n-site replacement / repair of
faulty equipment’ and “Transaction Recovery’. This distinction remained in place
from 1 September 2006 to “Trigger Point T6 (HNG-X Application Roll Out
Complete)”. The transaction recovery provisions were no longer present in version
5.0 of the HNG-X Engineering Service Description dated 3 July 2012.
64. With regards to the ‘on-site replacement / repair of faulty equipment’ provisions,
the HNG-X Engineering Service Description noted in particular that:
a. “[t]he Fujitsu Services Support Engineer will assess and seek to diagnose the
Counter Equipment fault and, where possible, will rectify the fault through
simple adjustment, reconnection, cleaning or advice to Branch personnel”
(section 2.1.1.5);
5° FUJO0002021 (v 1.0 dated 31 August 2006); FUJ00002041 (v 2.0 dated 28 February 2007);
FUJ00080065 (v 2.2 dated 21 November 2008); FUJ00002080 (v 3.0 dated 25 November 2008);
FUJ00080119 (v 3.1 dated 21 July 2010); FUJ00002277 (v 4.0 dated 26 November 2010); FUJ00002445
(v 5.0 dated 3 July 2012); FUJ00002545 (v 6.0 dated 29 October 2013)
Page 39 of 218
WITN06650400
WITN06650400
b. “[w]here there is a Hardware fault involving a faulty component, the Fujitsu
Services Support Engineer will exchange that faulty component with a
replacement’ (section 2.1.1.7); and
c. ‘“[t]he Fujitsu Services Support Engineer will ensure that the Counter
Equipment is working correctly prior to leaving the Branch” (section 2.1.1.8).
65. The services in relation to Transaction Recovery were addressed in section 3.1.2
of the HNG-X Engineering Service Description, in relation to branches “not yet
migrated to the HNG-X Application’. Version 5.0 of the HNG-X Engineering
Service Description dated 3 July 2012 did not contain the Transaction Recovery
services.
66. Pursuant to CCN 1423c, from 18 August 2015, Fujitsu ceased to provide the
Engineering Service as the service had expired on 31 March 2015.5! This change
is reflected in version 11.0 of the HNG-X Agreements dated 31 March 2016 and
onwards.
Third Line Support Service
67. Throughout the Relevant Period, the Third Line Support Service has provided
technical support to resolve incidents that the Service Desk (including the relevant
second line support teams) are unable to resolve. Provision of the Third Line
Support Service continues to the present day.
51 FUJ00001116
Page 40 of 218
WITN06650400
WITN06650400
Codified Agreement (28 July 1999 to 30 December 2002)
68.
69.
The Third Line Support Service was originally provided as part of the general
Service Desk Service under Requirement 914 of Schedule A15, which noted:
a. Fujitsu Service Desk Service was to “provide first, second and third level
Services...”; and
b. — “[i]f the Help Desk is unable to resolve a problem at the first or second level
[Fujitsu] shall categorise and prioritise the problem so that it can be actioned
and completed within a standard timescale”. This Requirement is repeated in
paragraph 6.3.3 of Schedule G01.
Fujitsu’s Solutions as set out in Schedule A16 of the Codified Agreement then
stated as follows:
a. “Level 3 service is invoked when the call cannot be fully resolved wholly
within the Horizon System Helpdesk but requires escalation either to a higher
level of technical support or to an engineer to perform a maintenance visit’
(paragraph 2.4.1);
b. “Calls will be transferred to Level 3 support electronically complete with all
of the details of progress made at levels 1 and 2. Calls will be prioritised and
categorised so that they can be actioned within standard agreed timescales”
(paragraph 2.4.2);
Page 41 of 218
WITN06650400
WITN06650400
c. “All level 3 calls will be monitored to ensure that the Service Level Agreement
is met. The call will also continue to be monitored post resolution to ensure
that repeat or intermittent failures are identified as quickly as possible”
(paragraph 2.4.3); and
d. “Level 3 calls will be analysed to identify patterns and trends of failure either
within specific Outlets or with system items” (paragraph 2.4.4).
Varied and Restated Agreements (31 December 2002 to 15 August 2006)
70. As noted above, clause 1 of the Varied and Restated Agreements provided that
Fujitsu was required to perform the Operational Services, “in accordance with all
applicable provisions thereof’.
71. Schedule 19 set out the Operational Services that were to be performed by Fujitsu
which, throughout the period of the Varied and Restated Agreements, included
Third Line Support as a distinct service (and not as part of the Service Desk). The
Third Line Support Service was defined in this regard as the “[s]ervice for the
diagnosis of new software incidents occurring in Branches and the data centre”,
and the corresponding CCD was entitled ‘Service Description for Third Line
Software Support Service’ (with internal reference CS/SER/009) (the “Horizon
Third Line Support Service Description’).52
72. Further detail in relation to the Horizon Third Line Support Service Description is
set out in paragraphs 76 to 79 in the Second Corporate Statement. For ease of
52 FUJ00001735 (v 1.0 dated 19 December 2002)
Page 42 of 218
WITN06650400
WITN06650400
reference, the sections of the Horizon Third Line Support Service Description most
relevant to the Incident Management Obligations stated that Third Line Support
was responsible for:
a. “The investigation, in accordance with operational procedures, of suspected
new software errors escalated from the Horizon Systems Help Desk and
Systems Management Centre” (section 3.0(a)).
b. In the context of workarounds (section 3.0(b)):
(i) “updating of entries on a support knowledge database”; and
(ii) I “provision to Fourth Line Support of sufficient information to enable
further diagnosis and the production of a software fix where
appropriate”.
c. “[R]ecovery of transactions from Branches in circumstances where it has not
been possible to deploy the laptop emulator solution and hence the relevant
processor or processors have been recovered via the Engineer Service
(CS/SER/005) to a central site” (section 3.0(d)).
HNG-X Agreements (31 August 2006 to Present)
73. In relation to the HNG-X Agreements, the table at paragraph 2 of Schedule B3.1
sets out the Operational Services to be performed by Fujitsu. As with the Varied
and Restated Agreements, the Third Line Support Service is described as a
“[slervice for the diagnosis of new software Incidents occurring in Branches and
Page 43 of 218
WITN06650400
WITN06650400
the Data Centre” excluding support for “Configured POL FS or the SAP Loading
Applications” (namely those applications managed by POL).
74. The ‘New CCD’ for Third Line Support was identified as the ‘Third Line Support
Service: Service Description’ (with internal reference SVM/SDM/SD/0004)* (the
“HNG-X Third Line Support Service Description”) which replaced the Horizon
Third Line Support Service Description (with internal reference CS/SER/009) when
it came into effect upon the “Commencement of HNG-X Project Workstream X4
(HNG-X Application Rollout)”.
75. Further detail in relation to the HNG-X Third Line Support Service Description (with
internal reference SVM/SDM/SD/0004) is addressed in paragraphs 76 to 79 of the
Second Corporate Statement. In short, the HNG-X Third Line Support Service
Description described at a high level the “technical support provided by the Third
Line Support Service to the appropriate Operational Services”, including:
a. The Service Desk Service, which in particular noted (section 2.1.1.1):
(i) “Data relating to Incidents are passed from the Service Desk Incident
Management Systems via a technical interface to the Third Line
Support Service fault management tool...”. From version 2.0 of the
HNG-X Third Line Support Service Description this tool was
confirmed to be “Peak’,®4 and from version 3.0, the tool was referred
53 FUJ00002023 (v 1.0 dated 31 August 2006); FUJ00002081 (v 2.0 dated 4 September 2008);
FUJ00002233 (v 3.0 dated 9 August 2010); FUJ00002453 (v 4.0 dated 18 February 2013); FUJ00002474
(v 5.0 dated 24 May 2013); FUJ00003471 (v 6.0 dated 6 October 2021); FUJ00234996 (v 7.0 dated 12
March 2024)
54 FUJ00002081 (v 2.0 dated 4 September 2008)
Page 44 of 218
WITN06650400
WITN06650400
to as an “electronic interface to the Third Line Support Service
incident management tool (Peak)”;®> and
(ii) I “Third Line Support Service will provide information for, and maintain
the Known Error Log (KEL)”;
b. I The Fourth Line Support Service described below, including:
(i) assistance “in the development of Software fixtures required...”
(section 2.1.1.4); and
(ii) the two services were to “...work closely together in the identification
and resolution of Software Incidents requiring bug fixes”
(section 2.7.1.5);
c. The Engineering Service described above, including assistance “in the
resolution of Hardware Incidents within the Branch” (section 2.1.1.10);
d. IThe Management Information Service described below, including assistance
“in the generation of management information in response to Miscellaneous
Data Requests in respect of ad-hoc data extractions” (section 2.1.1.11);5°
and
e. The Reconciliation Service described below, including assistance “in the
resolution of Reconciliation Incidents where Transaction information is
55 FUJ00002233 (v 3.0 dated 9 August 2010)
56 The language of this section 2.1.1.11 was revised from the HNG-X Third Line Support Service Description
(SVM/SDM/SD/0004), FUJ00002081 (v 2.0 dated 4 September 2008) to refer to “Ad-Hoc Data Requests”
as opposed to “Miscellaneous Data Requests”
Page 45 of 218
WITN06650400
WITN06650400
required following interrogation of the HNG-X Central Infrastructure. This will
also include the re-sending of rejected Transactions to Post Office or Clients
following the resolution of a Reconciliation Incident’ (section 2.1.1.12).
76. In addition, Third Line Support was responsible for investigating “any suspected
new Software errors escalated from the Service Desk or Systems Management
Service and provide Software fixes, as required...” (section 2.1.1.13, HNG-X Third
Line Support Service Description).
Fourth Line Support Service®”
77. In outline, Fourth Line Support was formally introduced into the Horizon contract
with version 1.0 of the Varied and Restatement Agreement dated 31 December
20025 and continues to the present day. Fourth Line Support provided support for
software and system errors insofar as they could not be resolved by the Third Line
Support Service. Fourth Line Support was also responsible for developing new
software functionality and products (including those required to address BEDs in
the Horizon system). After the introduction of HNG-X, Fourth Line Support was
also referred to as the Application Support Service and was delivered by Fujitsu’s
Application Division teams, in addition to certain teams based overseas.
57 Although Fourth Line Support was classified as a ‘Development Service’ in the Codified Agreement and
Varied and Restated Agreements, it is convenient to deal with it under the heading Operational Services,
together with the other relevant services.
58 FUJ00000074
Page 46 of 218
WITN06650400
WITN06650400
Codified Agreement (28 July 1999 to 30 December 2002)
78. As noted above, under Schedule A01 of the Codified Agreement, the Service Desk
was defined as “[t]he initial point of call for Users in need of support relating to the
POCL Services”. The role of the Service Desk was set out more particularly at
Section 6 of Schedule G01. This provision, however, included only the first, second
and third lines of support.
79. Whilst Fourth Line Support was not reflected in the contractual documentation at
the time, in practice, Fujitsu operated a team which was responsible for, amongst
other things, fixing new software problems that could not be resolved by the Third
Line Support Service.
80. The existence and responsibilities of Fourth Line Support were set out in other
documents including the ‘End to end support process operational agreement’ (with
internal reference CS/FSP/006) dated 10 October 1999,5° which stated at section
6 that, among other things, Fourth Line Support should (i) “receive incidents
passed from the SSC”, and (ii) “ensure that the incident is resolved within the total
time allowed by the contract between [POL] and [Fujitsu]”.
Varied and Restated Agreements (31 December 2002 to 15 August 2006)
81. The ‘Fourth Line Application Service’ was formally defined in the Varied and
Restated Agreements at Schedule 1, as “[s]upport of the systems infrastructure
58 End to End Support Process, Operational Level Agreement (CS/FSP/006), FUJ00119994 (v 1.0 dated
10 October 1999)
Page 47 of 218
WITN06650400
WITN06650400
(used to provide services to [POL] by [Fujitsu]) through the development of bug
fixes, patches or similar restorative or preventative software’.
82. As noted above, Fourth Line Support was not classified as an Operational Service;
at this time, it formed part of the ‘Development Services’ provided under the Varied
and Restated Agreements. Paragraph 2.1 of Schedule 20 stated:
“The following Services are referred to together as “Development
Services”...
SI! Support Services (including Fourth Line Support and Fujitsu Services’
internal re-architecting projects)”.
HNG-X Agreements (31 August 2006 to Present)
83. In relation to the HNG-X Agreements, Schedule 1, read with Table A of Schedule
B3.1, defined the ‘Application Support Service (Fourth Line)’ as providing “support
for software and system errors which cannot be resolved by the Third Line
Software Support Service”. Schedule B3.1 identified the relevant CCD for the
Fourth Line Support as the ‘Application Support Service (Fourth Line): Service
Description’ (with internal reference SVM/SDM/SD/0005) (the “Fourth Line
Service Description”).
6° FUJ00079997 (v 1.0 dated 24 August 2006); FUJO0080067 (v 2.0 dated 4 September 2008);
FUJ00120473 (v 3.0 dated 29 October 2009); FUJ00080125 (v 4.0 dated 24 August 2010); FUJ00080235
(v 5.0 dated 13 September 2013); FUJ00002570 (v 6.0 dated 13 March 2014); FUJ00080379 (v 7.0 dated
29 November 2016); FUJ00003475 (v 8.0 dated 22 November 2021); FUJ00234997 (v 9.0 dated 5 April
2024)
Page 48 of 218
WITN06650400
WITN06650400
84. The first version of the Fourth Line Service Description (with internal reference
SVM/SDM/SD/0005) dated 24 August 2006°' provided at paragraph 2.1.1 that
Fourth Line Support included (amongst other things):
a. “receiving from the Third Line Support Service, Software related Incidents
which cannot be resolved by the Third Line Support Service’;
b. “identifying a “known error” following receipt of the Incident from the Third
Line Support Service, where this information will be communicated to the
Third Line Support Service and the appropriate Known Error Log (KEL) will
be updated and the information disseminated to the Service Desk to enable
the resolution of similar Incidents”;
c. “ensuring the internal [Fujitsu] Incident management systems are updated
with the Incident resolution details prior to return to the Third Line Support
Service together with the method of recreation of the problem”; and
d. “ensuring that any resolutions or workarounds which are returned to the Third
Line Support Service have been tested (including regression testing) and
have been correctly authorised in accordance with the Release Authorisation
Process’.
61 FUJ00079997 (v 1.0 dated 24 August 2006)
Page 49 of 218
WITN06650400
WITN06650400
85. The content of the Fourth Line Service Description (SVM/SDM/SD/0005) and
various changes in the scope of Fourth Line Support are addressed in more detail
at paragraphs 80 to 90 of Fujitsu’s Second Corporate Statement.
Service Management Service
86. The Service Management Service was first established in May 1996 as part of the
Pathway Programme to monitor, manage and maintain the delivery of the
Operational Services. Provision of the Service Management Service continues to
the present day.
Codified Agreement (28 July 1999 to 30 December 2002)
87. Pursuant to clause 601 of the Codified Agreement, POL was entitled to monitor
Fujitsu’s performance of its obligations under the agreement in accordance with
the procedures set out in Schedule A04, which concerned “Contract
Management’ .©
88. Schedule A04 provided that the objectives of Contract Management were to
monitor and manage the delivery of the Operational Services and authorise actions
which improved those services.®* The schedule specified that Fujitsu and POL
were to establish several joint boards within one month following execution of the
Codified Agreement to give effect to these objectives. Relevant to the Incident
Management Obligations, Fujitsu and POL were to establish a Service Review
® FUJ00000071, paragraph 1.1
®3 FUJ00000071
&4 FUJ00000071, paragraph 2.1.2
Page 50 of 218
WITN06650400
WITN06650400
Board (which at various times has been known as the ‘Monthly Service Review
Board’, ® ‘Service Management Forum’, ‘Service Management Relationship’,
‘Service Management Review’, ‘Joint Service Review Board’, or ‘Horizon Service
Review Forum’) (“Service Management Review Forum’”).*” I understand that the
Service Management Review Forum has operated throughout the Relevant
Period, however the precise structure, name, attendees, frequency and functions
of this forum and related review and management forums may have changed from
time to time.
89. According to Schedule A04, the purpose of the Service Management Review
Forum was stated as follows:
“To review performance against contracted service levels.
To agree remedies payable arising from any failures to meet service levels.
To monitor and review operations of operational business change processes.
Such other purposes as are set out in the relevant service management
schedules.”®®
90. Schedule A04 provided that the Service Management Review Forum was to be a
monthly meeting attended by (i) POL’s Head of Service Management, (ii) POL’s
Meeting secretary, and (iii) Fujitsu’s Customer Service Director.® If remedies were
65 Witness Statement of Liz Evans-Jones, WITN06680100, paragraph 17
88 Service Review Book, FUJ00152281 (v 1.0 dated 15 January 2008)
87 Service Management Service Description (CS/SER/014), FUJ00120444 (v 1.0 dated 31 December 2002)
68 FUJ00000071
6° FUJ00000071
Page 51 of 218
WITN06650400
WITN06650400
to be discussed at the Service Management Review Forum, it appears POL’s
Horizon Commercial Manager and Fujitsu’s Financial Controller were also required
to attend.”° Other members of POL and Fujitsu could attend at either party's
discretion.’1 According to Schedule A04, decisions of the Service Management
Review Forum were only effective if approved by POL’s Head of Service
Management and Fujitsu’s Customer Service Director.’2
91. Pursuant to clause 602.2 of the Codified Agreement, Fujitsu was to provide
‘Management Services’ as specified in ‘Service Management’ schedules relating
to each operational service. These schedules were: Schedule E05 (Automated
Payment Service (“APS") Service Management), Schedule F05 (EPOSS Service
Management), Schedule GO7 (POCL Infrastructure Service Management),
Schedule HO5 (OBCS Service Management), and Schedule K05 (Logistics Feeder
Service (“LFS”) Service Management) (together, the “Service Management
Schedules”). ”° Notwithstanding these schedules being distinct for each
Operational Service, the ‘Management Services’ described in them were
substantially similar and included the following:
a. The objectives of service management were to “monitor and manage the
delivery’ of the operational service and “report on the same to the Contract
Steering Group defined in Schedule A04.”
70 FUJ00000071
™ FUJ00000071
72 FUJ00000071
73 These schedules appear to be precursors to the ‘Service Description’ CCD for the Service Management
Service, which was first approved under the Varied & Restated Agreements as detailed below at paragraph
95
Page 52 of 218
WITN06650400
WITN06650400
b. Fujitsu and POL were to “establish an organisational structure to manage the
delivery’ of the operational service in accordance with its service description.
c. The key Fujitsu personnel responsible for service delivery were:
(i) I the Operational Service Manager, who was to attend the Service
Management Review Forum;
(ii) I the Service Manager, who was responsible for the overall delivery of
the service to POL. The Service Manager was responsible for, inter
alia, the maintenance of Service Levels, providing monthly service
reports, and briefing the Operational Services Manager in advance of
the Service Management Review Forum meetings; and
(iii) I the Service Desk Manager, who was responsible for the management
of “POCL problems and enquiries’.”4
d. The key POL personnel responsible for service delivery were:
(i) I the POL Business Manager, who was responsible for the “business
which the [operational] service supports” and who also attended the
Service Management Review Forum;
74 The exception to this was in relation to Service Management for LFS. Fujitsu's Service Desk Manager
for this service was only responsible for calls relating to LFS software or infrastructure as identified in the
Call Enquiry Matrix. Fujitsu's Service Desk Manager was not responsible for managing calls relating to POL
procedures and the use of LFS within the branch. Where such calls were made to the Service Desk, the
caller was to be advised to contact the appropriate POL helpdesk.
Page 53 of 218
WITN06650400
WITN06650400
(ii) I the POL Liaison Manager responsible for the day-to-day liaison with
Fujitsu, and was responsible for, inter alia, monitoring delivered
service levels, receiving and analysing monthly service reports, and
briefing the POL Business Manager in advance of the Service
Management Review Forum meetings; and
(iii) in relation to the Management Services for LFS, POL was responsible
for providing its own “Helpdesk service for LFS users” .”5
e. Fujitsu and POL were to operate escalation procedures for issues affecting
the operational service in accordance with Schedule A04 of the Codified
Agreement.
f. Fujitsu was to provide POL with a monthly Service Management Report
(which at various times has been known as a ‘Service Review’, ‘Service
Review Book’ or ‘Service Management Review’) (“Service Management
Report’), which would allow POL to monitor Fujitsu’s service provision and
achievement of service levels. These reports were to include (i) “service
breaks/service failures”, and (ii) “incidents resolved and outstanding”, and
Fujitsu was to provide POL access to “the raw data used to generate service
management reports when requested” to allow POL to generate POL internal
reports.”® The Service Management Report was the primary input into the
Service Management Review Forum and was provided to POL by the
78 FUJO0000071
76 FUJ00000071
Page 54 of 218
WITN06650400
WITN06650400
Management Information Service as explained further at paragraphs 113 to
127 below.
g. The POL Business Manager and Fujitsu's Operational Service Manager were
to meet every three months (or as otherwise agreed by them) to “review
Service Levels, Incidents and Problems reported in the previous period”.’””
Fujitsu was to “prepare the necessary reports for discussion” at the meeting
and POL was to keep a record of the meeting and distribute this to Fujitsu
and the “POCL Contract Manager for review at the Contract Steering Group
Meeting”.”®
92. As noted above at paragraph 37, under Schedule A8 of the Codified Agreement,
ICL Sorbus was listed as the subcontractor responsible for the “Operation of
Horizon System Help Desk and Service Management Centre.”’9 References to
ICL Sorbus are removed from the Varied and Restated Agreements.
Varied and Restated Agreements (31 December 2002 to 15 August 2006)
93. Pursuant to clause 25 of the Varied and Restated Agreements, POL was entitled
to monitor Fujitsu’s performance of its obligations under the agreement in
accordance with Schedule 4 (Governance) and Schedule 19 (Operational
Services).
77 FUJ00000071
78 FUJ00000071
79 FUJ00000071
Page 55 of 218
WITN06650400
WITN06650400
94. As with Schedule 04 of the Codified Agreement, Schedule 4 of the Varied and
Restated Agreements set out the various joint forums that were to be held by
Fujitsu and POL to monitor and manage the Horizon contract, which included the
Service Management Review Forum. Annex 1 to Schedule 4 of the Varied and
Restated Agreements set out (amongst other things) the composition, role, and
responsibilities of these forums. The Service Management Review Forum was to
be a monthly meeting attended by (i) POL’s Head of Network Support, (ii) POL’s
Supplier and Service Performance Manager, (iii) POL’s Commercial Manager, (iv)
Fujitsu’s Customer Service Director, and (v) Fujitsu’s Infrastructure Service
Manager. Other members of POL and Fujitsu could attend as required. The annex
also detailed the responsibilities of the Service Management Review Forum, which
are set out below at paragraphs 210 to 215.
95. As noted above, Schedule 19 of the Varied and Restated Agreements set out the
Operational Services to be performed by Fujitsu, which included the ‘Service
Management Service’.®° The schedule provided the following brief description for
the Service Management Service: “The objectives of the service are to monitor,
manage and maintain the delivery of the Operational Services using the
Applications and to report on the same to the Service Management Forum.” ®' The
corresponding CCD was the ‘Service Management Service: Service Description’
(with internal reference CS/SER/014) (“Horizon Service Management
80 FUJ00000074
81 FUJ00000074
Page 56 of 218
WITN06650400
WITN06650400
Description”),®* which is addressed in more detail in paragraphs 22 to 36 of the
Second Corporate Statement.
96. Relevant to the Incident Management Obligations, the Horizon Service
Management Description notes that Fujitsu would provide a “dedicated problem
manager’ in accordance with a CCD entitled ‘Interface Agreement for the Problem
Management Interface’ (with internal reference CS/IFS/008) (“Problem
Management Interface Agreement”). ® This agreement provided that certain
types of problems that affected Post Office branches would be excluded from the
scope of Fujitsu’s problem management function, and with the exception of
investigating equipment and electrical supply health and safety issues, Fujitsu
would have no obligations in relation to the following:
“a) Investigating and managing the resolution of exceptional volumes of
incidents experienced by individual Branches.
b) Investigating and gathering information on problems across Branches.
c) Acting as on-site Project manager for complex OBC changes to marshal
resources and reduce risk.
d) Detailed investigation of individual complaints from branches
82 FUJ00120444 (v 1.0 dated 31 December 2002)
83 FUJ00079886 (v 1.0 dated 23 December 2002)
Page 57 of 218
WITN06650400
WITN06650400
e) Investigation of issues where the financial integrity of the Horizon system
at an individual Branch has been put in doubt by end-user claims of lost
transactions, lost stock or cash account misbalance.
f) Monitoring of Branches that have recently experienced multiple incidents
and problems.”*
(together, “Excluded Branch Obligations”)
HNG-X Agreements (31 August 2006 to Present)
97. Pursuant to clause 3.1 of the HNG-X Agreements, Fujitsu and POL are to govern
their relationship in accordance with the provisions of Schedule A2 (Relationship
and Governance), which includes the ‘Service Management Relationship’. As with
Annex 1 to Schedule 4 of the Varied and Restated Agreements, Annex 1 to
Schedule A2 sets out the various joint forums that are to be held by Fujitsu and
POL to monitor and manage the Horizon contract, including their composition, role
and responsibilities. According to Annex 1, the Service Management Review
Forum is to be a monthly meeting attended by (i) POL’s Head of Operations Control
and/or Service Integrator, ®° and (ii) Fujitsu’s Customer Service Director. The
responsibilities of the Service Management Review Forum are set out below at
paragraphs 210 to 215 in this statement.
® FUJ00120444 (v 1.0 dated 31 December 2002); FUJ00079886 (v 1.0 dated 23 December 2002)
85 Prior to version 9 of the HNG-X Agreement, Annex 1 to Schedule A2 provided that the POL attendee of
the Service Management Review Forum was to be the Head of Operations Control only
Page 58 of 218
WITN06650400
WITN06650400
98. As noted above, Schedule B3.1 of the HNG-X Agreements lists the Operational
Services which Fujitsu is required to perform, including in row 11 the ‘Service
Management Service’. The schedule describes the Service Management Service
as follows: “The objectives of the Service are to monitor, manage and maintain the
delivery of the Operational Services. This Service also includes: [i] The Capacity
Management Service [ii] The Release management service.”®* Under the HNG-X
Agreements, the service was expanded to include the ‘Capacity Management
Service’ and the ‘Release Management Service’ (although I understand from the
POA that ‘Release Introduction’ and ‘Capacity management’ were components of
the Service Management Service under the Varied and Restated Agreements as
set out in the Horizon Service Management Description and explained in
paragraphs 23 and 26 to 32 of the Second Corporate Statement).®”
99. The ‘New CCD’ for the Service Management Service was identified as the ‘Service
Management Service: Service Description’ (with internal reference
SVM/SDM/SD/0007) (“HNG-X Service Management Description’), ® which
replaced the Horizon Service Management Description upon the “Commencement
of HNG-X Project Workstream X4 (HNG-X Application Rollout)”. The content of the
HNG-X Service Management Description is addressed in more detail in
paragraphs 22 to 36 of the Second Corporate Statement.
86 FUJ00000084
87 Second Corporate Statement of Fujitsu Services Limited, FUJ00126035, paragraphs 23, 26 to 32
8 FUJO0002025 (v 1.0 dated 24 August 2006); FUJ00002269 (v 2.0 dated 5 November 2010);
FUJ00002511 (v 3.0 dated 19 September 2013); FUJ00002551 (v 4.0 dated 21 November 2013);
FUJ00003151 (v 5.0 dated 30 November 2016); FUJ00003441 (v 6.0 dated 17 January 2020);
FUJ00003474 (v 7.0 dated 8 November 2021); FUJ00234999 (v 8.0 dated 13 December 2023)
Page 59 of 218
WITN06650400
WITN06650400
100. Relevant to the Incident Management Obligations, the HNG-X Service
Management Description reintroduced many of the Excluded Branch Obligations
so that they were again within the scope of Fujitsu’s problem management
function. Pursuant to paragraph 2.1.3 of the HNG-X Service Management
Description, Fujitsu was to provide a “Branch Issues Manager’ to:
(b) investigate and manage the resolution of exceptional volumes of
Incidents experienced by individual Branches;
(c) investigate and gather information on problems across Branches;
(d) to [sic] provide additional on-site support, where requested to do so by
the Operational Business Change Service, for complex Operational
Business Changes (relating to that Branch) to marshal resources and
reduce risk;
(e) monitor Branches that have recently experienced multiple Incidents and
problems with other Operational Services for a period agreed between
Fujitsu Services and the Post Office on a case by case basis; and
(f) provide details to Post Office of any issues outside of Fujitsu Services
control to enable Post Office to manage resolution of the Incidents.”
Page 60 of 218
WITN06650400
WITN06650400
Systems Management Service
101. The Systems Management Service was an internal Fujitsu service provided by the
Systems Management Centre (“SMC”). The delivery of the Systems Management
Service during Legacy Horizon and HNG-X is addressed in more detail in Fujitsu’s
Second Corporate Statement at paragraphs 50 to 61. Relevant to the Incident
Management Obligations, the service provided events management and systems
monitoring, including to monitor for indicators of software or hardware conditions
that could impact the branch infrastructure, as well as the distribution of software
to the branch infrastructure. ®°
Codified Agreement (28 July 1999 to 30 December 2002)
102. While the Systems Management Service was not formally defined as a service in
the Codified Agreement, the agreement nonetheless imposed a number of
obligations on Fujitsu in relation to systems management.
103. Requirement 537 at Schedule A15 required Fujitsu to “carry out system
management of all the POCL Services in a consistent and coherent manner to
ensure the following: (a) Activities within the POCL Services, including TMS, OPS,
OBCS, APS and EPOSS; (b) Changes to the POCL Services can be made
speedily and accurately.”
82 Service Description for Systems Management Service (CS/SER/008), FUJ00001734 (v 1.0 dated 18
December 2002); FUJ00002024 (v 1.0 dated 31 August 2006); FUJ00002101 (v 2.0 dated 26 August 2009);
FUJ00002540 (v 3.0 dated 17 October 2013); FUJ00002573 (v 4.0 dated 16 April 2014); FUJ00003034 (v
5.0 dated 12 November 2015); FUJ00003247 (v 6.0 dated 20 July 2017)
Page 61 of 218
WITN06650400
WITN06650400
104. The specified solution to Requirement 537 at Schedule A16 provided that:
“The Pathway strategy for System Management will comprises a set of services
as follows:
Software repository — the storage and maintenance of records identifying what
software versions are stored on what machines.
Software distribution — the scheduling of software upgrades to a defined set of
machines.
Event management — the notification of significant events to a central source.
Asset management — the storage and maintenance of information on the
existence/type of machines and associated peripherals.
Configuration management — the non-static configuration parameters that drive the
applications and operating system. This includes Resource Monitoring and
Network Management’.
105. As noted earlier, under Clause 201.2 of the Codified Agreement, Fujitsu was to
deliver the solutions at Schedule A16 by performing the Core System Services
(which were those services specified in clause 201.3).
106. The relevant Core System Services for systems management were the
Operational Services pursuant to clause 405 and, specifically, the POCL
Infrastructure Services, in accordance with the provisions of Schedule G01.
Page 62 of 218
WITN06650400
WITN06650400
107. Paragraph 5 of Schedule G01 required, amongst other things, that:
a. “A Systems Management function shall be deployed [by Fujitsu] based on a
central service delivery capability, able to interact with each of the Outlets’.
b. Fujitsu “shall carry out system management of all POCL Services in a
consistent and coherent manner. The activities within each POCL Service
shall be co-ordinated such that, for example, changes and faults can be
tracked across POCL Service boundaries. [R537]
c. “System Management facilities shall include, without limitation: [8537]
Software repository — the storage and maintenance of records
identifying what software versions are stored on what machines;
Software distribution — the scheduling of software upgrades to a
defined set of machines;
Event management — the notification of significant Events to a central
source;
Asset management — the storage and maintenance of information on
the existence and type of machines and associated peripherals;
Configuration Management — the non-static configuration parameters
that drive the Applications and operating systems’.
Page 63 of 218
WITN06650400
WITN06650400
Varied and Restated Agreements (31 December 2002 to 15 August 2006)
108. As noted above, clause 1 of the Varied and Restated Agreements provided that
Fujitsu was required to perform the Operational Services, “in accordance with all
applicable provisions thereof’.
109. The Systems Management Service was formally defined at Table A of Schedule 1
of the Varied and Restated Agreements. The ‘Systems Management Service’ was
described as “Event management and software distribution services.” The
corresponding CCD was given as the ‘Service Description for Systems
Management Service’ (with internal reference CS/SER/008) (the “Horizon
Systems Management Service Description”).® This service description and its
contents were referred to in the Second Corporate Statement at paragraphs 50
and 51, however, the service is noted to have included “[mJonitoring of events in
the Branch infrastructure and data centre estate. Events are the indications of
conditions that have operational significance. They include software, hardware or
security conditions that may require investigation and also include occurrences of
events such as low battery in PIN Pads...”
HNG-X Agreements (31 August 2006 to Present)
110. In relation to the HNG-X Agreements, Schedule 1, read with Table A of Schedule
B3.1, described the Systems Management Service as providing “Event
management and software distribution services.” Schedule B3.1 identified the
9 FUJ00001734 (v 1.0 dated 18 December 2002)
Page 64 of 218
WITN06650400
WITN06650400
‘New CCD’ for the Systems Management Service as the ‘Systems Management
Service: Service Description’ (with internal reference SVM/SDM/SD/0006) (the
“HNG-X Systems Management Service Description”) which replaced the
Horizon Systems Management Service Description (CS/SER/008) upon the
“Commencement of HNG-X Project Workstream X4 (HNG-X Application
Rollout)”.9"
111. The first version of the HNG-X Systems Management Service Description
(SVM/SDM/SD/0006) dated 31 August 2006° provided at paragraph 1.1 that the
Systems Management Service would comprise:
a. “an event management service”;
b. “a systems monitoring service”; and
c. “a software distribution service’.
112. Further detail regarding the content of the HNG-X Systems Management Service
Description (with internal reference SVM/SDM/SD/0006) and the delivery of the
Systems Management Service during the HNG-X period is addressed at
paragraphs 56 to 61 of the Second Corporate Statement, and (similarly to the
period of the Varied and Restated Agreements) included at section 2.1.1 “event
and systems monitoring of both the Branch Infrastructure and HNG-X Central
1 FUJ00002024 (v 1.0 dated 31 August 2006); FUJ00002101 (v 2.0 dated 26 August 2009); FUJ00002540
(v 3.0 dated 17 October 2013); FUJ00002573 (v 4.0 dated 16 April 2014); FUJ00003034 (v 5.0 dated 12
November 2015); FUJ00003247 (v 6.0 dated 20 July 2017); FUJ00232747 (v 7.0 dated 28 September
2021); FUJ00234998 (v 8.0 dated 14 March 2024)
82 FUJ00002024
Page 65 of 218
WITN06650400
WITN06650400
Infrastructure. Events are the indications of conditions that have operational
Significance to either the Branch Infrastructure or the HNG-X Central Infrastructure.
They include Software, Hardware or security conditions that may require
investigation and also include occurrences of particular, repeated events, for
example, a low battery in PIN Pads.”
Management Information Service
113. The available documentation suggests that the Management Information Service
was first established during the Pathway Programme in or around 1997.9% The
Management Information Service continued under the various phases of the
Horizon contract described above and continues to be provided to the present day.
The primary purpose of the Management Information Service is to deliver
performance reporting and management information to POL relating to Horizon
and the Operational Services. This reporting and management information
includes the Service Management Reports considered at Service Management
Review Forum meetings as required by the CCDs relating to the Service
Management Service (noted at paragraphs 86 to 100 above).
Codified Agreement (28 July 1999 to 30 December 2002)
114. Pursuant to clause 201.2 of the Codified Agreement, Fujitsu was responsible
(subject to certain qualifications) for meeting the Requirements specified in
Schedule A15 in accordance with the Solutions specified in Schedule A16 by
%8 Integration Testing Business Thread BITO2 for release 1c (VI/TSC/0009), FUJ00232415 (v 1.0 dated 1
July 1997)
Page 66 of 218
WITN06650400
WITN06650400
performing the Core System Services (i.e., those services specified in clause
201.3, as described above). The relevant Core System Services were the
Operational Services pursuant to clause 405 of the Codified Agreement.
115. Under Schedule A01 of the Codified Agreement, ‘M/S’ is defined as “Management
Information Systems”. As set out in Schedule A15, the relevant Requirement for
MIS was Requirement 894, pursuant to which Fujitsu and POL were to “agree the
arrangements for MIS reports and POCL control mechanisms’. Schedule A16
recorded the Solution to Requirement 894 as being that MIS would “capture the
data necessary to facilitate effective contract and service management. It will
employ exception reporting for business performance and monitoring reviews”.
116. Paragraph 6 of Schedule E01 stated that, to satisfy Requirement 894, Fujitsu was
to “provide management information with reference to service performance”, the
details of which were to be defined in the POCL MIS Reports document, as
introduced by CCN 0016.%
117. Service reporting obligations were also set out in relation to the Operational
Services in the Service Management Schedules. Relevantly, Fujitsu was required
to provide POL with the monthly Service Management Reports as explained at
paragraph 91 in this statement.
118. Version 1.0 of process document ‘MIS Report Production and Scheduling’ (with
internal reference CS/PRO/031) dated 21 October 1997°% detailed the production
%4 CCN 0016, FUJ00232414, raised on 28 October 1996
$5 FUJ00232426
Page 67 of 218
WITN06650400
WITN06650400
and scheduling of reports, including for change requests, problem reporting, and
ad-hoc queries, to “meet the requirements of MIS”. Related document ‘MIS Report
Despatch Procedure’ (with internal reference CS/PRO/030) dated 21 October
1997 outlined the procedure for the production and distribution of MIS Reports,
including compact disk logs and problem reports.%
Varied and Restated Agreements (31 December 2002 to 15 August 2006)
119. As above, under clause 1 of the Varied and Restated Agreements, Fujitsu was
required to perform the Operational Services, “in accordance with all applicable
provisions thereof’. Schedule 19 set out the Operational Services to be performed
by Fujitsu, including (but not limited to) the ‘Management Information Service’,
defined as providing “a mechanism for the reporting and publishing of Fujitsu
Services’ achievement of Service Levels and targets”, “data for the settlement of
liquidated damages’, and “a vehicle for the request of information regarding data
captured on the Horizon Service Infrastructure.”
120. The corresponding CCD was the ‘Management Information Service: Service
Description’ (with internal reference CS/SER/015) (the “Horizon MIS Service
Description”).°” Each version of the MIS Service Description required Fujitsu to
deliver to POL a Service Management Report (then known as a Service Review
Book), for “the primary input into the Service Management Forum reporting on
performance against [Service Level Targets]”. The Service Review Book included
%6 FUJ00232469
97 FUJ00120479 (v 1.0 dated 20 December 2002); FUJ00001910 (v 2.0 dated 18 November 2004);
FUJ00001965 (v 3.0 dated 8 July 2005)
Page 68 of 218
WITN06650400
WITN06650400
(amongst other things) a management summary (containing highlights of the
previous month’s service delivery); a high-level review of each of the supplied
services; service volumetric data available (including the number of calls received
by the Service Desk Service); a high-level review of problem management and
problem status; and Engineer Services failures attracting remedies (section 3.1 of
each version). The Service Review Book also contained Service Level Agreements
(“SLA”) information, including the level of SLA achievement for various services.
121. The Horizon MIS Service Description further described the purpose of the
Management Information Service as being to deliver to POL Network Banking
management information in accordance with the Operational Services through
Network Banking MIS Reports (with reference to ‘Network Banking MIS Reports
Design’ (with internal reference NB/SDS/008), the “MIS Reporting Design”).°°
Such management information is stated to have included, but was not limited to:
a. A monthly MIS Money Laundering Report “listing, by Branch, the cash
deposit Banking Transactions that exceeded the configurable threshold
specified in the above CCD [the MIS Reporting Design], together with a Post
Office Branch summary giving the number and value of such Banking
Transactions.”
b. Aweekly MIS Transaction Outcome Analysis by Branch Report detailing the
number and value of Banking Transactions for the previous accounting week.
9 FUJ00232502 (v 2.0 dated 12 July 2002); FUJ00232557 (v 3.0 dated 13 December 2004)
Page 69 of 218
WITN06650400
WITN06650400
c. A weekly MIS Bank Analysis Report detailing harvested Banking
Transactions as specified in the MIS Reporting Design. Under Section 4 of
Annex 3 to Schedule 15: Part A of the Varied and Restated Agreements,
Fujitsu was obliged to pay liquidated damages to POL if Fujitsu did not
provide the MIS Bank Analysis Report once a week (or at such later time as
specified) to POL. Such liquidated damages were calculated as equalling:
(number of Transactions on report in question/1,000,000) x (number of
working days report is late x £55).
122. Under the Horizon MIS Service Description, Fujitsu was also required to deliver to
POL: management information regarding OBCS and APS transactions (section 3.2
of each version); Miscellaneous Data Query Requests at POL’s request (section
3.3 of each version); and information leading to the settlement of liquidated
damages (where applicable) (section 3.4 of each version). The calculation of
liquidated damages is further outlined in paragraphs 224 to 262.
HNG-X Agreements (31 August 2006 to Present)
123. In relation to the HNG-X Agreements, paragraph 2 of Schedule B3.1 set out the
Operational Services to be performed by Fujitsu, including the ‘Management
Information Service’ at row 10. Following the description in the Varied and
Restated Agreements, the Management Information Service is described in the
HNG-X Agreements as providing “a mechanism for the reporting and publishing of
Fujitsu Services’ achievement of Service Levels and Service Level Targets”, “data
Page 70 of 218
WITN06650400
WITN06650400
for the settlement of liquidated damages”, and “a vehicle for the request of
information regarding data captured on the HNG-X Service Infrastructure.”
124. Replacing the Horizon MIS Service Description (with internal reference
CS/SER/015), the ‘New CCD’ was identified as ‘Management Information Service:
Service Description’ (with internal reference SVM/SDM/SD/0016) (the “HNG-X
MIS Service Description”), which came into effect upon the “Commencement of
HNG-X Project Workstream X4 (HNG-X Application Rollout)”.°° The HNG-X MIS
Service Description (with internal reference SVM/SDM/SD/0016), like the Horizon
MIS Service Description (with internal reference CS/SER/015), required Fujitsu to
deliver to POL the Service Review Book, described as “the primary input into the
Service Management Relationship” (paragraph 2.1.1 of each version). The Service
Review Book, as before, included (amongst other things) a management summary
(containing highlights of the previous month’s service delivery); a summary review
of the Operational Services delivered; a summary of problem management and
cross domain problem status; and monthly Service Level Threshold achievements.
From at least November 2013, the content of the Service Review Books was
amended so that, amongst other things, the management summary was “delivered
to [POL] as separate documents or presentations at an agreed time each month.”
However, Service Management Reports identified by Fujitsu to date and disclosed
to the Inquiry indicate that this practice began around the end of 2010.
8° FUJ00120480 (v 1.0 dated 31 August 2006; FUJ00002061 (v 2.0 dated 20 February 2008);
FUJ00232617 (v 3.0 dated 9 February 2010); FUJ00002276 (v 4.0 dated 24 November 2010);
FUJ00002546 (v 5.0 dated 5 November 2013); FUJ00232821 (v 6.0 dated 7 January 2022)
Page 71 of 218
WITN06650400
WITN06650400
125. According to version 1.0 of the HNG-X MIS Service Description dated 31 August
2008, 1° the Management Information Service consisted of six other component
services, including the delivery and/or provision of, amongst other things,
supporting information in relation to liquidated damages; management information
in relation to Banking and Related Services data; management information in
relation to APS; management information in relation to Miscellaneous Data
Queries; and the Service Management Portal for access to real time updates of
Service performance and Service Level Target measurement. Reference to the
provision of management information related to APS was removed by version 4.0,
dated 24 November 2010, ‘°' and reference to the provision of Banking and
Related Services data to POL was further removed by version 5.0, dated 5
November 2013.10
126. As under the Varied and Restated Agreements, Fujitsu was obliged to pay
liquidated damages to POL if Fujitsu did not provide the MIS Bank Analysis Report
once a week (or such later time as specified) to POL under Section 4 of Annex 3
to Schedule B4.4. Such liquidated damages were calculated as equalling: (number
of Transactions on report in question/1,000,000) x (number of working days report
is late x £69.79). Reference to the MIS Bank Analysis Report was removed in
version 3.0 of the HNG-X MIS Service Description dated 9 February 2010.1
100 FUJ00120480
101 FUJ00002276
102 FUJ00002546
103 FUJ00232617
Page 72 of 218
WITN06650400
WITN06650400
Schedule B4.4 was removed from version 14.0 of the HNG-X Agreements onward
by CCN 1648b.1
127. Table A of Schedule B3.1 of the HNG-X Agreements further specified that the
Transaction Benchmarking Service was to be included within the Management
Information Service. Each version of the HNG-X MIS Service Description noted
that the Management Information Service was responsible for the provision of the
Transaction Time Benchmarking Service, with a summary of set out in Annex A:
“[t]he Transaction Benchmarking Service provides a measure of transaction time
performance for an agreed set of transactions which may be varied at any time
subject to the Change Control Procedure and agreement between [POL] and
[Fujitsu]”. The previous corresponding CCD for the Transaction Benchmarking
Service under the Varied and Restated Agreements, ‘Transaction Benchmarking
Service: Service Description’ (with internal reference CS/SER/010), 1° was
replaced by ‘Transaction Time Benchmarking Process’ (with internal reference
SVM/SDM/PRO/0017), which outlined the relevant transactions and process for
performance measurement. 1
Reconciliation Service
128. Under the Reconciliation Service, Fujitsu provided end-to-end reconciliation and
incident management procedures required to investigate, report and resolve
reconciliation and Business Incidents throughout the Relevant Period. The
104 CCN No. 1648b raised 22 January 2021, FUJ00234945
105 FUJ00232526 (v 1.0 dated 31 December 2002); FUJ00232541 (v 2.0 dated 2 July 2004)
196 FUJ00232610 (v 1.0 dated 17 July 2009)
Page 73 of 218
WITN06650400
WITN06650400
Reconciliation Service was introduced under the Codified Agreement (though as
set out in paragraph 63 of the Second Corporate Statement, Fujitsu’s Business
Support Unit (“BSU”) was responsible for generating various reconciliation reports
since at least November 1998), and the service continued under the various
versions of the Horizon contract described above.
Codified Agreement (28 July 1999 to 30 December 2002)
129. The provision of a Reconciliation Service was listed as Requirement 891 in
Schedule A15 of the Codified Agreement and was described as “[Fujitsu’s
obligation to] ensure that all captured data are complete and accurately reflected
in the appropriate outward interfaces”. The corresponding section of Schedule A16
contained Fujitsu’s Solution to Requirement 891, and stated, amongst other things,
that Fujitsu was required to:
a. “ensure that all captured data (that is inward data across service interfaces)
is complete, and accurately reflected in the appropriate outward interfaces”
(paragraph 1.1).
b. “report reconciliation results to POCL, including any reconciliation
exceptions. Reconciliation Exceptions will be held in a Reconciliation
Exception Database (RED) and the progress to resolution of each
outstanding exception will be reported to POCL” (paragraph 1.5).
c. “control the implementation of configuration changes, including changes to
reference data’, including “maintaining the integrity of other reconciliation
Page 74 of 218
WITN06650400
WITN06650400
processes against configuration changes” (paragraph 1.7a, Reference 891,
Schedule A16).
d. “meet all reconciliation requirements in contingency situations as well as
normal working” (paragraph 1.7b, Reference 891, Schedule A16).
e. “The reconciliation of stock and money for transactions will be, in effect,
instantaneous, with a record of the levels of stock and money within a stock
unit being maintained as the transaction is committed” (paragraph 2.3).
130. In addition to the above, Fujitsu's Solution to Requirement 891 stipulated that the
targets for the Reconciliation Service would be as follows (paragraph 1.8,
Schedule A16):
a. “full reconciliation with 100% of items accounted for’;
b. — “provision of reconciliation reports identifying reconciliation totals at summary
level and RED reports for reconciliation exceptions at detailed levels, for
example at transaction level for transaction data”. Such reports would be
provided to POL “by 9 am of the day following that in which the reconciliation
exception occurred”.
c. “[Fujitsu] will resolve any reconciliation exceptions produced by its
reconciliation processes” and would use all reasonable endeavours to do so
promptly.
Page 75 of 218
WITN06650400
WITN06650400
131. The relevant CCD to the Reconciliation Service under the Codified Agreement in
this regard was version 1.0 of the Transaction Processing Services ("TPS")
Reconciliation & Incident Management Procedure (with internal reference
CS/PRO/111) dated 16 October 2000. This document described the procedures
required to “investigate, report and resolve TPS reconciliation and business
incidents"'”’ and set out the “procedures to be adopted by the [MSU], for dealing
with Business Incidents relating to the TPS Report Set errors and PON generated
Business Incidents. This includes reconciling the data contained in the TPS Report
Set and raising Horizon System Help Desk (HSH) Business Incidents, Business
Incident Management System (BIMS) Reports and Manual Error Reports (MER)
where necessary” .'°8
132. Business Incidents were defined in the TPS Reconciliation & Incident Management
Procedure as those which “Relate to the ‘Symptom’ of an underlying cause — e.g.
the effect of the system fault on the resulting reconciliation or settlement
information sent to [POL]’, and were reported to the Post Office through the
Business Incident Management Service (“BIMS”) ‘°°. System Incidents were
defined as those which “relate[d] to the underlying ‘Cause’ and would be routed
to the appropriate group within Fujitsu to investigate and resolve‘.
133. According to paragraph 3.5.4 of the TPS Reconciliation & Incident Management
Procedure, Fujitsu would also “monitor ‘trigger points’, for example HSH calls and
107 FUJ00079822
108 FUJ00079822
109 FUJ00001726 (v 4.0 dated 19 December 2002)
110 FUJ00001726 (v 4.0 dated 19 December 2002)
Page 76 of 218
WITN06650400
WITN06650400
the TPS Report Set, which can alert of any likely potential or actual ‘widespread’
errors which are those Data Errors or Not Data Errors affecting Cash Accounts in
a Cash Account Period at more than 100 outlets”"'.
Varied and Restated Agreements (31 December 2002 to 15 August 2006)
134. As noted above, Fujitsu was required under clause 1 of the Varied and Restated
Agreements to perform the Operational Services, “in accordance with all applicable
provisions thereof’. Schedule 19 set out the Operational Services that were to be
performed by Fujitsu, which included the ‘Reconciliation Service’ throughout the
period of the Varied and Restated Agreements. This service was defined as the
provision of “end-to-end reconciliation and incident management procedures
required to investigate, report and resolve reconciliation and business incidents”.
The corresponding CCDs were as follows:
a. Network Banking Reconciliation & Incident Management (with internal
reference NB/PRO/002)''?, TPS Reconciliation & Incident Management (with
internal reference CS/PRO/111)1'?, and APS Reconciliation & Incident
Management (with internal reference CS/PRO/128)''*. These documents
described the management procedures for investigating, reporting and
resolving reconciliation and business incidents in respect of Network
1 FUJ00001726 (v 4.0 dated 19 December 2002)
112 FUJ00120467 (v 2.0 dated 22 January 2002); FUJ00001625 (v 3.0 dated 10 May 2002); FUJ00120468
(v 5.0 dated 19 December 2002); FUJ00001970 (v 6.0 dated 17 October 2005)
113 FUJ00001627 (v 2.0 dated 30 April 2002); FUJ00001726 (v 4.0 dated 19 December 2002);
FUJ00001967 (v 5.0 dated 17 October 2005)
114 FUJ00001567 (v 1.0 dated 2 July 2001); FUJ00079885 (v 3.0 dated 19 December 2002); FUJ00001968
(v 4.0 dated 17 October 2005)
Page 77 of 218
WITN06650400
WITN06650400
Banking, APS and TPS. They also set out the reconciliation reports that
Fujitsu was required to run on a daily or weekly basis for the relevant system
functionality. Within these reconciliation reports, Fujitsu was to identify errors
which constituted Business Incidents and System Incidents, defined as so
under the Codified Agreement (see paragraph 132) above.
b. Data Errors & Not Data Errors — Contractual Definitions (CS/SER/017)'§ and
Network Banking Data Reconciliation Services (CS/SER/018)'7®, containing
contractual definitions in relation to the Reconciliation Services.
135. According to Version 2.0 of the TPS Reconciliation & Incident Management CCD
(with internal reference CS/PRO/111) dated 30 April 2002, Fujitsu was required to
“monitor ‘trigger points” which may alert Widespread Errors (defined as “those
Data Errors or Not Data Errors affecting Cash Accounts in a Cash Account Period
at more than 100 outlets’), in the same manner as set out in Version 1.0 of this
document, which was in place under the Codified Agreement as described in
paragraphs 129 to 133 above. The procedure to be followed by Fujitsu in relation
to Widespread Errors was set out in Version 2.0 as follows:'17
a. Upon discovery of Widespread Errors, Fujitsu would “immediately notify the
[POL] Business Continuity Manager’ that it has discovered the Widespread
Error and “the action [Fujitsu] has taken or proposes should be taken...Upon
"5 FUJ00001738 (v 1.0 dated 20 December 2002)
6 FUJ00001921 (v 2.0 dated 11 January 2005); FUJ00001969 (v 3.0 dated 17 October 2005)
117 TPS Reconciliation & Incident Management (CS/PRO/111), FUJ00001627 (v 2.0 dated 30 April 2002)
Page 78 of 218
WITN06650400
WITN06650400
giving such notice the provisions of this document (other than this section
4.5.4) shall cease to apply in respect of those Widespread Errors”.
b. Fujitsu would notify branches which have not committed electronic Cash
accounts and which may be affected by Widespread Errors “by telephone
that they should not attempt to irrevocably commit Cash Accounts until further
notice from Fujitsu”. Fujitsu would inform POL of all electronic Cash Accounts
not transmitted as a result of the Widespread Error.
c. Fujitsu would use all reasonable endeavours “to ensure that all electronic
Cash Accounts not transmitted...as a result of Widespread Errors will
subsequently be transmitted to [POL], without correction...in order that they
will agree with the signed paper Cash Account produced in the outlet’.
d. “Where Widespread Errors have resulted in a reconciliation error within the
Cash Account [Fujitsu] will not correct any Cash Account records if this would
result in an electronic Cash Account being received by [POL] which differs
from the signed paper Cash Account produced in the outlet’.
e. Fujitsu and POL would seek to agree “reasonable additional or alternative
action by [Fujitsu]...which is appropriate for the type of Widespread Errors
discovered and the number of Outlet Cash Accounts affected by them”.
136. As noted in paragraph 68 of the Second Corporate Statement, ‘Network Banking
Reconciliation and Incident Management Procedures’ was amended in May 2005
to capture all ‘On Line Services’. At the time, these services included banking
Page 79 of 218
WITN06650400
WITN06650400
transactions, debit and credit card transactions and electronic top-up
transactions. "8
137. Version 5.0 of the TPS Reconciliation & Incident Management procedure dated 17
October 2005 appears to have contained updates in respect of Release S80, “i.e.
the removal of the cash account’. References to Widespread Errors appear to
have been removed from the CCD from this point.
HNG-X Agreements (31 August 2006 to Present)
138. Table A of Schedule B3.1 to the HNG-X Agreements sets out the Operational
Services which Fujitsu was required to perform, including in row 12 the
‘Reconciliation Service’. As with the Varied and Restated Agreements, this is
described as providing “end-to-end reconciliation and incident management
procedures required to investigate, report and resolve reconciliation and business
incidents”.
139. The ‘New CCD’ for the Reconciliation Service was identified in the HNG-X
Agreements as the ‘Reconciliation Service: Service Description’ (with internal
reference SVM/SDM/SD/0015) (the “HNG-X Reconciliation Service
Description’), ‘'® which replaced the CCDs set out at paragraphs 134 to 137
above in place under the Varied and Restated Agreements, when it came into
148 On Line Services Reconciliation & Incident Management (NB/PRO/002n), FUJ00120469 (v 6.0 dated
17 October 2005)
119 FUJ00079994 (v 1.0 dated 31 August 2006); FUJ00080073 (v 2.0 dated 14 July 2009); FUJ00080196
(v 3.0 dated 1 December 2010); FUJ00080254 (v 4.0 dated 3 December 2013); FUJ00003440 (v 5.0 dated
3 December 2019); FUJ00003449 (v 6.0 dated 3 June 2020); FUJ00232852 (v 7.0 dated 7 June 2022);
FUJ00235002 (v 8.0 dated 12 February 2024)
Page 80 of 218
WITN06650400
WITN06650400
effect upon the “Commencement of HNG-X Project Workstream X4 (HNG-X
Application Rollout)’. According to this CCD, the Reconciliation Service was
provided to “ensure financial integrity across all Transactions processed” through
the system. It appears that this Service Description incorporated the specific
reconciliation and reporting requirements in respect of TPS, APS and Banking &
Related Services, previously set out in the dedicated CCDs in place under the
Varied and Restated Agreements.
140. I understand from Fujitsu’s Post Office Account team (the “POA”) that
amendments to the Reconciliation Service were agreed in commercial discussions
between POL and Fujitsu in 2016. CCN 1747, which gained final approval on 25
January 2024, removes requirements relating to (i) Branch Reconciliation, “which
had not been applicable since HNG-X Final Acceptance, after which all
Transactions are performed directly into the Data Centres and no Transaction data
is stored in Branches to be reconciled with Data Centre data’, (ii) the provision of
Manual Error Reports (“MERs”) with details of applicable liquidated damages, and
(iii) the responsibilities of the Service Desk Service, “which expired in June
2014” .120
SUMMARY OF MEASURES RELATING TO INCIDENT MANAGEMENT
141. As noted in paragraph 7 of this statement, as part of the Request, the Inquiry has
asked Fujitsu to provide a summary of the measures put in place to address the
120 CCN 1747, FUJ00234946, dated 25 September 2023; Email from D. Harvey to C. Dunford,
FUJ00232672, dated 15 November 2017; Email from M. Cornell to C. Dunford, FUJ00232671, dated 22
December 2016
Page 81 of 218
WITN06650400
WITN06650400
Incident Management Obligations during the Relevant Period, including any
changes that have been made since 17 December 2019. The Incident
Management Obligations were primarily addressed through the provision of the
Operational Services set out above. These Operational Services were, in turn,
governed by various policies, processes and procedures. A summary of the
services relating to the Incident Management Obligations and the policies,
processes and procedures that governed their operation during the Relevant
Period is set out below. In each section, as requested by the Inquiry, reference is
made to relevant sections of the Previous Corporate Statements where
appropriate. At the Appendix to this statement, Fujitsu has prepared a table setting
out the policies, processes and procedures it has identified as applying to these
services during the Relevant Period.
142. It has been explained to me that there was an overlap in the policies, processes
and procedures relating to the Incident Management Obligations under the
Codified and Varied and Restated Agreements. For this reason, the summaries
set out below are broadly divided into the policies, processes and procedures
relating to the Incident Management under (i) the Codified and Varied and
Restated Agreements, and (ii) the HNG-X Agreements.
143. I also understand that in August 2021, Steve Browell (Chief Information Security
Officer, Fujitsu POA) created a ‘POA Improvements Log’, which was an internal
working note that he maintained to assist him to track changes being made to
service delivery across several areas. The most recent version of this log, version
Page 82 of 218
WITN06650400
WITN06650400
0.14, has fed into the summaries below.12' Version 0.11 of the POA Improvements
Log has also been disclosed to the Inquiry previously.'?? Other changes made to
the POA are described in the ‘POA Improvements List’,‘2? which was a separate
internal working document created and maintained by Mr Browell to assist him in
facilitating discussions between individuals and teams implementing changes
being made to service delivery. The first version was created on 20 July 2021 and
all available versions of the POA Improvements List are appended to this corporate
statement. 124
Codified and Varied and Restated Agreements
Operational Services
144. During the Codified Agreement and Varied and Restated Agreements, Fujitsu's
provision of relevant Operational Services were delivered via four lines of support,
which was to be carried out in accordance with (i) the Customer Service Policy
Manual (with internal reference CS/QMS/001),'25 (ii) Customer Service Process
Manual (with internal reference CS/QMS/002), 126 (iii) Incident Management
Process (with internal reference CS/PRD/074), '?’ and (iv) related operations
121 FUJ00235019, dated 9 May 2024
122 FUJ00232995, dated 4 September 2023
123 FUJ00232804 (v 1.2 dated 5 January 2022)
124 Exhibit numbers 211 to 240
125 FUJ00079855 (v 1.0 dated 26 January 2001); FUJ00079974 (v 2.0 dated 14 September 2005)
126FJ00079866 (v 1.0 dated 16 August 2001)
127 FUJO0079865 (v 1.0 dated 13 November 2000); FUJ00079937 (v 2.0 dated 20 January 2005);
FUJ00079939 (v 3.0 dated 23 March 2005); FUJ00079968 (v 4.0 dated 2 August 2005)
Page 83 of 218
WITN06650400
WITN06650400
manuals '° and process documents. 129 According to these documents, the
following Operational Services were primarily concerned with the Incident
Management Obligations:
a. First line support, which included the (i) Service Desk Service delivered by
the Service Desk, '°° and (ii) Systems Management Service delivered by the
SMC; 131
b. I Second line support, which was delivered by the (i) SMC, (ii) Service Desk,
and (iii) SSC;
c. Third line support, which was provided by the Third Line Support Service
delivered predominantly by the SSC, 9? who were (i) primarily responsible for
diagnosing BEDs and potential network and other system failures, and (ii)
held Privileged Access rights to, inter alia, remedy errors in transaction data
and branch accounts;
d. Fourth line support, which was provided by the Application Support
Service'*? delivered by Fujitsu's Application Division teams (and later some
128 CS Support Services Operations Manual (CS/QMS/004), FUJ00232449 (v 1.0 dated 7 November 2000);
FUJ00120446 (v 2.0 dated 29 January 2001); Operations Manual for the Customer Service Directorate
(CS/QMS/007), FUJ00079875 (v 1.0 dated 26 November 2001); FUJ00079888 (v 2.0 dated 1 May 2002)
129 See, for example, End to End Support Process, Operational Level Agreement (CS/FSP/006),
FUJ001 19994 (v 1.0 dated 10 October 1999); FUJ00079897 (v 2.0 dated 17 June 2003)
130 Horizon Systems Helpdesk: Service Description Service (CS/SER/002), FUJ00080428 (v 1.0 dated 20
December 2002)
131 Service Description for Systems Management Service (CS/SER/008), FUJ00120452 (v 1.0 dated 18
December 2002)
132 Service Description for Third Line Software Support Service (CS/SER/009), FUJ00120470 (v 1.0 dated
19 December 2002)
133 End to End Support Process, Operational Level Agreement (CS/FSP/006), FUJ001 19994 (v 1.0 dated
10 October 1999). As explained above, while Fourth Line Support was classified as a ‘Development Service’
Page 84 of 218
WITN06650400
WITN06650400
overseas based teams), who were responsible for producing software fixes
for BEDs;
e. Engineering Service, which was delivered by support engineers, who were
Fujitsu employees or third-party subcontractors appointed by Fujitsu
(‘Support Engineers”); 1%4
f. Reconciliation Service, which was delivered by the Management Support
Unit (“MSU”) and BSU and concerned with identifying, responding to, and
reporting on reconciliation issues relating to (i) TPS, '% (ii) Network
Banking, '%¢ (iii) APS, 19” and/or (iv) errors relating to the cash account or
Transaction Management Service (“TMS”);'8 and
g. Data Centre Operations Service, which was responsible for delivering all data
centre operations, including (i) agents, services and databases used to
in the Codified Agreement and Varied and Restated Agreements, it is convenient to deal with it under the
heading Operational Services, together with the other relevant services.
134 Engineer Service (CS/SER/005), FUJ00001732 (v 1.0 dated 19 December 2002); FUJ00001802 (v 2.0
dated 15 May 2003)
135 TPS Reconciliation & Incident Management (CS/PRO/111), FUJ00079822 (v 1.0 dated 16 October
2000; FUJ00079881 (v 2.0 dated 30 April 2002); FUJ00079884 (v 4.0 dated 19 December 2002);
FUJ00079976 (v 5.0 dated 17 October 2005)
136 Network Banking Reconciliation & Incident Management (NB/PRO/002), FUJ00120466 (v 1.0 dated 19
December 2001); FUJ00120467 (v 2.0 dated 22 January 2002); FUJ00001625 (v 3.0 dated 10 May 2002),
FUJ00120468 (v 5.0 dated 19 December 2002); FUJ00120469 (v 6.0 dated 17 October 2005); Network
Banking Data Reconciliation Services (CS/SER/018), FUJ00001739 (v 1.0 dated 20 December 2002);
FUJ00001921 (v 2.0 dated 11 January 2005); FUJ00001969 (v 3.0 dated 17 October 2005)
137 APS Reconciliation & Incident Management (CS/PRO/128), FUJ00001567 (v 1.0 dated 2 July 2001);
FUJ00079885 (v 3.0 dated 19 December 2002); FUJ00001968 (v 4.0 dated 17 October 2005)
138 Data Errors & Not Data Errors - Contractual Definitions (CS/SER/017), FUJ00001738 (v 1.0 dated 20
December 2002)
Page 85 of 218
WITN06650400
WITN06650400
manage and support the Horizon infrastructure for branches, and (ii) assisting
the Service Desk in resolving network faults. 199
145. The services listed above utilised several software applications and/or databases
to provide services relating to the Incident Management Obligations including (i)
PowerHelp, (ii) PinICL, (iii) Peak, ‘4° (iv) Known Error Log (“KEL”) (now known as
Knowledge Base Articles (“KBAs”), (v) BIMS, and (vi) the Horizon Information
Centre (“HORice”).141
146. Details regarding PinICL, Peak, KEL and BIMS are set out in (i) paragraphs 15
and 73 to 75 of the Second Corporate Statement, and (ii) Fujitsu’s submissions to
the Inquiry dated 13 September 2022.
147. Relevant to the Incident Management Obligations, BIMS was used by Fujitsu and
POL to report the progress to resolution of ‘Business Incidents’ (as noted at
paragraph 132 above), which generally concerned reconciliation errors (e.g.,
incomplete or incorrect transactions) requiring investigation. 4? Reconciliation
errors could be caused by system faults (e.g., software bugs, system crashes or
network issues) that could then affect transactions. Where such reconciliation
139 Service Description for Data Centre Operations Service (CS/SER/007), FUJ00001733 (v 1.0 dated 20
December 2002); FUJ00001925 (v 2.0 dated 8 February 2005)
140 Peak Administration Guide (DEV/APP/SPG/2144) FUJ00080231 (v 1.0 dated 3 April 2013); Peak User
Guide (CS/MAN/011), FUJ00079926 (v 1.0 dated 8 October 2004); FUJ00080204 (v 2.0 dated 29 June
2011); FUJ00080332 (v 3.0 dated 18 April 2016); ICL Pathway Development Directorate Incident/ Defect
Management (DE/PRO/015), FUJ00079823 (v 1;0 dated 25 October 2000); POA Systems Integration
Directorate Incident/Defect Management Procedure (DE/PRO/015), FUJ00079902 (v 2.0 dated 5
September 2003)
141 HNGA Robustness (Service Delivery Metrics) Report, FUJ00232717 (v 1.0 dated 12 March 2021)
142 Reconciliation and Incident Management - Joint Working Document (SVM/SDM/PRO/0012),
FUJ00232586 (v1.0 dated 20 April 2007); FUJ00080215 (v 2.0 dated 14 June 2011); FUJ00080224 (v 3.0
dated 30 April 2012); FUJ00234980 (v 4.0 dated 24 June 2020); FUJ00243146 (v 5.0 dated 14 June 2024)
Page 86 of 218
WITN06650400
WITN06650400
errors were identified, a BIMS report would be raised by relevant teams in Fujitsu
and/or POL, and these reports would provide corrective information to assist POL
in the reconciliation or settlement process within POL’s domain. BIMS reports
provided information in relation to the resolution of the reconciliation error rather
than its underlying cause (e.g., reporting on how to fix the reconciliation issue
rather than the software bug that had caused it). Information regarding the cause
of the reconciliation error was supplied via the Problem Management Process if
the issue had been escalated.
148. Iunderstand from the POA that Fujitsu developed HORIce in around January 2012
to enable the SSC to view and collate more detailed information from various
databases on how the HNG-X systems are operating, including the Branch
Support Database.
149. In addition to paragraphs 33 to 140 above, further details regarding the nature and
scope of the relevant Operational Services are set out in the following sections of
Fujitsu’s Second Corporate Statement:
Section of Second Corporate Statement Paragraphs
Background to Support Services and Incident Management 11-21
Service Desk Service 37-49
Systems Management Service 50-61
Reconciliation Service 62-75
Third Line Support Service 76-79
Application Support Service (Fourth Line Support) 80-90
Page 87 of 218
WITN06650400
WITN06650400
Section of Second Corporate Statement
Paragraphs
Engineering Service
91-96
150. As noted in the Second Corporate Statement and in paragraphs 86 to 100 above,
the primary aims of the Service Management Service were to monitor, manage,
maintain and report on the delivery of operational services. As with the Operational
Services, the policies and processes relating to the Service Management Service
were to be carried out in accordance with the Customer Service Policy Manual
(with internal reference CS/QMS/001),'42 Customer Service Process Manual (with
internal reference CS/QMS/002)'# and related operations manuals.'45
151. Relevant to the Incident Management Obligations, the Service Management
Service was concerned with:
a. monitoring, managing and maintaining the delivery of the operational
services, which included the first, second and third lines of support;
b. release_ management, including the release of software fixes for BEDs—
known as PinlCL (and later Peak) fixes—which were to be carried out in
‘43 FUJ00079855 (v 1.0 undated); FUJ00079974 (v 2.0 dated 14 September 2005)
‘44 FUJ00079866 (v 1.0 undated)
145 CS Support Services Operations Manual (CS/QMS/004), FUJ00232449 (v 1.0 dated 7 November 2000);
FUJ00120446 (v 2.0 dated 29 January 2001); Operations Manual for the Customer Service Directorate
(CS/QMS/007), FUJ00079875 (v 1.0 dated 26 November 2001); FUJ00079888 (v 2.0 dated 1 May 2002);
CS Operations Services Operations Manual (CS/QMS/005), FUJ00232454 (v 1.0 dated November 2000),
FUJ00120486 (v 2.0 dated 24 January 2001); CS Infrastructure Services Operations Manual
(CS/QMS/006), FUJ00119995 (v 1.0 dated 7 November 2000)
Page 88 of 218
WITN06650400
WITN06650400
accordance with the ‘Pathway Release Policy’ (with internal reference
PA/STR/003)"4° and associated release management processes; '4”
c. problem _and_complaint_management, which was to be carried out in
accordance with the ‘Problem Management Process’ (with internal reference
CS/PRD/021)'48 and ‘Customer Complaint Process’ (with internal reference
CS/PRD/081)"9; and
d. reporting on the delivery and performance of the operational services,
including those noted at paragraph 144 above, to the Service Management
Review Forum. 1°
152. Relevant to the Incident Management Obligations, the incident management
process in Legacy Horizon involved a number of sub-processes that were
concerned with the timing and release of software fixes. For example, the Quality
Filter Process (“QFP”) considered the assignment of target releases for test
incidents, and a QFP Forum (“QFPF”) review was required if the target release
had not been set or was inappropriate. Another example of a sub-process was the
Release Management Forum (“RMF”) which considered the assignment of target
148 FUJ00232424 (v 1.0 dated 26 November 1996); FUJ00232433 (v 2.0 dated 29 March 1999);
FUJ00232435 (v 3.0 dated 28 June 1999); FUJ00232441 (v 4.0 dated 14 July 1999); FUJ00118128 (v 5.0
dated 16 July 1999)
147 Release Management Processes (CS/PRD/086), FUJ00232467 (v 1.0 dated 26 January 2001);
FUJ00232471 (v 2.0 dated 2 February 2001)
148 FUJ00079797 (v 1.2 dated 25 May 1998); FUJ00119991 (v 2.0 dated 26 August 1999); FUJ00079853
(v 3.0 dated 13 November 2000); FUJ00119992 (v 4.0 dated 27 November 2001); FUJ00079935 (v 5.0
dated 20 January 2005); FUJ00079953 (v 6.0 dated 29 July 2005)
149 FUJ00079826 (v 1.0 dated 5 September 2000)
150 Service Review — Performance Statistics for April 2001, FUJ00121087, dated 15 May 2001
Page 89 of 218
WITN06650400
WITN06650400
releases for live incidents recorded in PinICLs (or Peaks) where a live fix had been
requested. 151
153. As noted at paragraph 25 of the Second Corporate Statement and paragraphs 88
to 97 of this statement, Fujitsu and POL were contractually required to establish
the Service Management Review Forum and hold monthly ‘service review’
meetings to, amongst other things, (i) review performance against contracted
Service Levels, (ii) agree remedies payable arising from any failures to meet
Service Levels, and (iii) monitor and review operations of operational business
change processes. ‘5? Fujitsu’s compliance with the Incident Management
Obligations was primarily monitored through the Service Management Review
Forum, which is detailed further in paragraphs 210 to 215 of this statement.
154. The nature and scope of the Service Management Service is set out in the
following sections of Fujitsu’s Second Corporate Statement:
Section of Second Corporate Statement Paragraphs
Service Management Service 22-36
e the Service Management Review Forum 24-25
e release management
26-32
Customer Service Problem Manager/Problem Management I 33, 101-104
Management Information Service 97-99
151 Post Office Account Systems Integration Directorate Incident/Defect Management (DE/PRO/015),
FUJ00079823 (v 1.0 dated 25 October 2000); FUJ00079902 (v 2.0 dated 5 September 2003)
182 Annex to Schedule A4
Page 90 of 218
WITN06650400
WITN06650400
HNG-X Agreements (31 August 2006 to Present)
Operational Services
155. During the HNG-X Agreements, the Operational Services continued to be primarily
delivered via four lines of support, which were to be carried out in accordance with
process documents formulated specifically for HNG-X, including the Incident
Management Process (with internal reference SVM/SDM/PRO/0018) 1*° and End-
to-End Application Support Strategy (with internal reference
SVM/SDM/PRO/0875).'*4 The following changes appear to have taken place in
relation to the Support Services provided under the HNG-X Agreements:
a. On 1 April 2006, the Central Network Service was formally introduced in
relation to HNG-X. This service was to ensure appropriate monitoring and
processes were in place to identify incidents within the ‘Central Telecom
Infrastructure’, which included the ‘Local Area Networks’ and ‘Wide Area
Network’; 195
183 FUJ00080003 (v 1.0 dated 6 November 2006); FUJ00080027 (v 2.0 dated 2 April 2007); FUJ00120051
(v 3.0 dated 28 July 2009); FUJ00080076 (v 4.0 dated 3 August 2009); FUJ00080205 (v 5.0 dated 6 July
2011); FUJ00080244 (v 6.0 dated 13 November 2013); FUJ00080298 (v 7.0 dated 17 July 2014);
FUJ00080370 (v 8.0 dated 12 July 2016); FUJ00080388 (v 9.0 dated 12 September 2017); FUJ00234981
(v 10.0 dated 29 January 2019); FUJ00234982 (v 11.0 dated 18 June 2020); FUJ00234983 (v 12.0 dated
15 July 2020); FUJ00234984 (v 13.0 dated 1 September 2020); FUJ00234985 (v 14.0 dated 21 January
2021); FUJ00234986 (v 15.0 dated 5 July 2021); FUJ00234987 (v 16.0 dated 8 September 2021);
FUJ00234988 (v 17.0 dated 24 February 2023) FUJ00234989 (v 18.0 dated 15 January 2024)
154 FUJ00080212 (v 1.0 dated 28 July 2011); FUJ00243143 (v 2.0 dated 23 September 2020)
185 Central Network Service (SVM/SDM/SD/0012), FUJ00002028 (v 1.0 dated 31 August 2006)
Page 91 of 218
WITN06650400
WITN06650400
b. On 1 April 2006, the Application Support Service (Fourth Line) was formally
introduced as an Operational Service in relation to HNG-X;15¢
c. On 2 July 2014, Fujitsu ceased providing the Service Desk Service and the
first line support function was transferred to Atos as part of POL’s adoption
of a towers strategy for its Horizon estate; '5”
d. On 31 March 2015, Fujitsu ceased providing the Engineering Service as
noted above at paragraphs 54 to 66 in this statement; '®® and
e. On 31 March 2018, Fujitsu ceased providing the Branch Network Service. '®®
156. Fujitsu has agreed a Data Centre Operations Service and Central Network Service
Extension with POL from 1 April 2023 to 31 March 2024, as agreed in CCN 1732.
Changes to the agreement for these services include removing the obligation for
Fujitsu to do a full disaster recovery fail over due to the age of the service
infrastructure, although I understand from the POA that some testing is undertaken
at the component level.'® Fujitsu sought to implement this change as there is a
risk of hardware failures when powering down system components to simulate a
disaster state. Because of the age of those system components or the availability
of their support arrangements, spares required to repair such components are
186 Application Support Service (Fourth Line): Service Description (SVM/SDM/SD/0005), FUJ00079997 (v
1.0 dated 24 August 2006)
187 CCN No. 1409a, FUJ00001104, dated 5 March 2014
188 CCN No. 1423c, FUJ00001116, dated 18 August 2015
189 Branch Network Service (SVM/SDM/SD/0011), FUJ00080400 (v 8.0 dated 5 March 2018)
169 CCN No. 1732, FUJ00233121, dated 28 March 2023
Page 92 of 218
WITN06650400
WITN06650400
limited in supply and Fujitsu considered it preferable to avoid eroding that supply
unless necessary at this late stage of the system's life cycle.
157. A further extension in respect of the Data Centre Operations Service and Central
Network Service has also now been agreed with POL from 1 April 2024 to 31
March 2025, as agreed in CCN 1749.'®' This extension was agreed on the premise
that POL will “develop a data audit solution within the Post Office Cloud to store
transaction data to replace the existing data audit solution within the Data Centres
which will avoid the need for Fujitsu Services to carry out refresh activities in the
Data Centre in this respect” by 28 February 2025.
158. During the HNG-X Agreements, the Service Management Service continued to
perform the same core functions and responsibilities in relation to the Incident
Management Obligations, which were to be carried out in accordance with process
documents formulated specifically for HNG-X, including the Release Management
Strategy (with internal reference SVM/SDM/PRO/1520).1* The following changes
appear to have taken place in relation to the Service Management Service under
the HNG-X Agreements:
a. As noted above at paragraph 35, in July and August 2014, Fujitsu’s first line
support function was transferred to Atos as part of POL’s towers strategy. As
a result of this change, the Major Account Controllers team (“MAC Team’)
was added to the Service Management Service. The MAC Team’s
161 CCN No. 1749, FUJ00234947, dated 30 October 2023
162 FUJ00232666 (v 1.0 dated 26 January 2015);
Page 93 of 218
WITN06650400
WITN06650400
responsibilities included, (i) providing a single point of contact for Atos
enquiries and escalations, (ii) being a resolution contact point for branch
logged software incidents and customer complaint handling, and (iii) trend
reporting; 1° and
b. The Business Impact Forum (“BIF”), Peak Targeting Forum (“PTF”), and
Customer Business Impact Forum (“CBIF”) were established as part of the
release management process to, amongst other things, manage the release
of software fixes. These fora continue to operate at present and further details
regarding their operation is set out below.
159. BIF and PTF are part of the release management strategy for software releases in
HNG-X. The purpose of BIF is to ensure a viable software fix has been identified,
including temporary workarounds if possible, so that the software fix can be passed
to PTF.'* If a Peak is given an approved status in BIF, the target release for the
Peak is discussed in the next PTF.'® As part of the changes made to the
management of defects, Fujitsu increased the number of BIF and PTF meetings
from weekly to daily in January 2022 to expedite the process of assigning Peaks
to releases. 1
163 Service Management Service Description (SVM/SDM/SD/0007), FUJ00080380 (v 5.0 dated 30
November 2016)
164 The BED Current Process Report (COM/MGT/REP/4184), FUJ00232716 (v 1.0 dated 26 February
2021)
165 Release Management Strategy (SVM/SDM/PRO/1520), FUJ00232666 (v 1.0 dated 26 January 2015),;
ToR for BIF and PTF (SVM/SDM/STD/2593), FUJ00232656 (v 1.0 dated 30 July 2014); Operational Level
Agreement for Application 4" line support of HNGX (SVM/SDM/OLA/0017), FUJ00080232 (v 2.0 dated 5
April 2013)
166 POA Improvements Log, FUJ00232842 (v 0.9 dated 1 March 2022)
Page 94 of 218
WITN06650400
WITN06650400
160. CBIF is ajoint meeting held between Fujitsu and POL as required to discuss items
identified at the Fujitsu BIF.1°” An example of a CBIF proposal, which details a
defect description, impact, resolution options, recommendations and implications
is exhibited to this statement. 16
161. lunderstand from the POA that from around 2021, CBIF has sought decisions from
POL on how to proceed with proposed software fixes for items identified at BIF.
This discussion on specific fixes now forms part of the wider Horizon Defect
Review (“HDR”) meeting on all branch affecting defects. Further details regarding
HDR is set out in paragraphs 162 to 164 below.
Horizon Defects Review
162. In September 2019, Fujitsu introduced the Horizon Known Error Review Forum
(the “HKERF”), also known as the Horizon Knowledge Base Review Forum, '®° the
Horizon Governance Working Group, ‘”° or the Horizon Known Errors Joint Review
Working Group by POL,‘”' to provide a forum to report branch affecting defects
raised as Incidents to POL.'’* Examples of the terms of reference, meeting
‘67 BED Current Process Report (COM/MGT/REP/4184), POL00030527 (v 1.0 dated 26 February 2021);
POA Improvements Log, FUJ00232995 (v 0.11 dated 4 September 2023); HDR Defects update report,
FUJ00232721, dated 30 July 2021
168 FUJ00232853 (v 1.0 dated 17 June 2022)
169 FUJ00232676, dated 11 March 2020
17° FU J00232703, dated 11 March 2020
171 FUJ00232709, dated September 2020
172 POA Improvements Log, FUJ00232995 (v 0.11 dated 4 September 2023)
Page 95 of 218
WITN06650400
WITN06650400
agendas, meeting minutes and HKERF/KBA reports produced in connection with
the HKERF are appended to this corporate statement. 17>
163. In early 2021, the chairmanship of the HKERF transferred to POL, at POL’s
request, and it was renamed the Horizon Defects Review (the “HDR”) in February
2021.174 By June 2021, the Terms of Reference for the HDR were updated and
formalised,*”> and weekly HDR meetings have been held since then with POL and
Fujitsu as primary attendees.'”° As of the date of this corporate statement, POL
and Fujitsu are currently discussing further updates to the terminology within HDR
Terms of Reference. 17”
164. On this basis, the purpose of the HDR has been to “track the status of every open
Defect from identification to resolution. Prioritisation will be given to any Defect
with the potential to impact a branch financially’.‘7® Reports of all branch-affecting
defects are issued to POL every week before the meetings.'”° This weekly report
takes the form of a defects tracker, which outlines a description of the defect,
173 See for example: FUJ00232728, dated 25 June 2021; FUJ00232802, dated 9 November 2020;
FUJ00232803, dated 9 November 2020; FUJ00232801, dated 2 November 2020; FUJ00232800, dated 9
December 2021; FUJ00232799, dated 29 June 2020; FUJ00232797, dated 20 July 2020; FUJ00232798,
dated 20 July 2020
174 POA Improvements Log, FUJ00232995 (v 0.11 dated 4 September 2023); Email from Steve Bansal to
Steven Browell, FUJ00232711, dated 25 January 2021
175 FUJ00232728 (v 2.2 dated 25 June 2021); POA Improvements Log, FUJ00232740 (v 0.2 dated 15
September 2021)
176 See for example: FUJ00232995 (v 0.11 dated 4 September 2023); FUJ00232721, dated 30 July 2021;
FUJ00232823, dated 29 November 2021; FUJ00233120, dated 18 September 2023
177 Email from Steve Bansal to Steven Browell, FUJ00232992, dated 11 August 2023
178 Horizon Defects Review, Terms of Reference, FUJ00232872 (v 3.2 dated 3 January 2023)
179 Email from Michelle Stevens to Matthew Hatch, FUJ00232988, dated 26 July 2023
Page 96 of 218
WITN06650400
WITN06650400
proposed resolution and any branch impact. 1°° In August 2021, Fujitsu integrated
the CBIF with the HDR as the audiences for both forums were the same. 181182
POL Focused Initiatives
165. Following the Bates v POL group litigation, POL was looking to implement a
number of new initiatives. 18 Whilst this was being formulated, in March 2021,
Fujitsu created and shared with POL a POL focused ‘Postmaster First
Improvements Plan’, which I understand was a joint set of Horizon initiatives
derived from the Horizon Issues Judgment in 2019. ‘®* POL shared its own
programme plan with Fujitsu in July 2021 in which Fujitsu had a third-party support
role, '®5 and by August 2021, POL had associated some actions that Fujitsu had
been working on so that Fujitsu could interact with the programme. POL provided
Fujitsu with Requests to Quote (“RTQs”) which Fujitsu responded to using Change
Work Orders. 8° An example of a CWO is appended to this corporate statement. 18”
180 If there is a new defect with a clear branch impact, an extraordinary HDR meeting can be held to
investigate the issue and solutions if the next scheduled meeting is more than 2 working days ahead;
Horizon Defects Review, Terms of Reference, FUJ00232872 (v 3.2 dated 3 January 2023). See for
example: Defect Tracker, FUJ00232829, dated 28 February 2022; FUJ00233107, dated 12 September
2023
‘81 Email from S. Browell to P. Smith and S. Bansal, FUJ00233122, dated 25 June 2021
12 Email from S. Browell copying S. Bansal, A. Woodley, S. Bothick and M. Hatch, FUJ00232745, dated
24 September 2021
183 POA Improvements Log, FUJ00232995 (v 0.11 dated 4 September 2023)
184 BOA Improvements Log, FUJ00232735, dated 27 August 2021; FUJ00232842 (v 0.9 dated 1 March
2022)
185 Horizon Issues Remediation Programme, FUJ00233004, dated 10 November 2021
186 Postmasters First — Improvement Plan; POA Improvements Log, FUJ00232842 (v 0.9 dated 1 March
2022)
187 Request to Quote, FUJ00233125, dated 19 July 2022; CWO No. 0369, FUJ00233124, raised on 15
January 2021
Page 97 of 218
WITN06650400
WITN06650400
In November 2021, POL issued a final update to the programme and by January
2022, meetings in connection with this programme were disbanded. '®&
Live Defect Management
166. From May to September 2021, Fujitsu conducted a review of its Live Defect
Management processes. From the contemporaneous briefing slides'®® and the
POA Improvements Lists*9° prepared to communicate and log the changes, the
workstreams for the improvements were categorised as follows:
a. Stream 1: Incident & problem (TfSNow, Service Now).
b. Stream 2: Peak (Incident, Defect).
c. Stream 3: Live Defect Management (Cross-functional process HDR).
d. Stream 4: Key Meetings (BIF, CBIF, HDR).
e. Stream 5: Security Improvements (Privileged Access Management, Minimum
Security Controls Framework, European Business Management System).
f. Stream 6: Elevated Processes (APPSUP, TC Tool, Interface Interactions).
g. Stream 7: Various (Investigations, Peripheral Logger, Documentation,
Governance).
188 POA Improvement Log, FUJ00232842 (v 0.9 dated 1 March 2022); FUJ00232995 (v 0.11 dated 4
September 2023)
189 Slide deck titled "POA Improvements: Communicating the Changes", FUJ00232743, dated 21
September 2021
190 FUJ00232720 (v 1.1 dated 20 June 2021)
Page 98 of 218
WITN06650400
WITN06650400
167. Formal, documented information on these changes, and more generally on the
amended approach to defect reporting, was also set out in a formal process
working instructions; the first version of which is appended to this corporate
statement. 19"
168. In summary, changes in respect of Live Defect Management include:
a. By the end of October 2021, Fujitsu had updated its Live Defect recording
processes with new tags to be applied if an Incident met certain criteria. For
example, if an Incident meets the criteria of a Live Defect, it must now be
recorded in Peak with the Live Affecting Defect tag applied.'% If, in addition,
there is a possibility that the issue could be affecting live branch accounts or
financial outcomes then a second “HDR” tag of “HDR-FIN” is applied.'%
Another tag of “HDR-EXP” is available for issues affecting the SPM’s
experience (i.e., the way a postmaster is required to use the system) or the
191 POA Defect Management Reporting (SVM/SDM/PRO/4695), FUJ00232857 (v 0.1 dated 3 October
2022); FUJ00234991 (version 1.0 dated 17 March 2023); FUJ00234992 (version 2.0 dated 3 August 2023);
FUJ00234993 (v 3.0 dated 26 April 2024)
192 POA Defect Management Reporting (SVM/SDM/PRO/4695), FUJ00232857 (v 0.1 dated 3 October
2022); FUJ00234991 (version 1.0 dated 17 March 2023); FUJ00234992 (version 2.0 dated 3 August 2023);
FUJ00234993 (v 3.0 dated 26 April 2024)
193 POA Defect Management Reporting (SVM/SDM/PRO/4695), FUJ00232857 (v 0.1 dated 3 October
2022); FUJ00234991 (version 1.0 dated 17 March 2023); FUJ00234992 (version 2.0 dated 3 August 2023);
FUJ00234993 (v 3.0 dated 26 April 2024); Live Defect Management on POA, FUJ00232753, dated 22
October 2021
Page 99 of 218
WITN06650400
WITN06650400
experience of a POL customer or client.1%* Live affecting defects with one or
more of these tags applied will qualify for reporting to POL; 19°
b. Other new fields were added in Peak. 1% For example, POL problem
references were added to ensure that Defect Peaks are searchable. '9”
Fujitsu problem references were also added to ensure that links between
Peaks and TfSNow problems are clear and also searchable.‘ To assist
support staff and stack owners with managing the information, Fujitsu
introduced checklists and a monthly management overview of progress of
Live Defects. '°° An example of a checklist for support staff and stack owners
is appended;2
c. In November 2021, Fujitsu implemented a target dataset for defect
notification 2°' embedded in the reporting to POL after receiving POL
acceptance; 702
194 POA Defect Management Reporting (SVM/SDM/PRO/4695), FUJ00232857 (v 0.1 dated 3 October
2022); FUJ00234991 (version 1.0 dated 17 March 2023); FUJ00234992 (version 2.0 dated 3 August 2023);
FUJ00234993 (v 3.0 dated 26 April 2024); Live Defect Management on POA, FUJ00232753, dated 22
October 2021
195 POA Defect Management Reporting (SVM/SDM/PRO/4695), FUJ00232857 (v 0.1 dated 3 October
2022); FUJ00234991 (version 1.0 dated 17 March 2023); FUJ00234992 (version 2.0 dated 3 August 2023);
FUJ00234993 (v 3.0 dated 26 April 2024)
196 Live Defect Management on POA, FUJ00232753, dated 22 October 2021
197 Live Defect Management on POA, FUJ00232753, dated 22 October 2021
198 Live Defect Management on POA, FUJ00232753, dated 22 October 2021
199 POA Improvements Log, FUJ00232822 (v 0.7 dated 24 January 2022)
200 FUJ00232850, dated 1 June 2022
201 See Appendix A of the Horizon Defects Review ToR, FUJ00232845 (v 3.0 dated 21 February 2022)
202 POA Improvements Log, FUJ00232995 (v 0.11 dated 4 September 2023)
Page 100 of 218
WITN06650400
WITN06650400
d. In December 2021, Fujitsu provided POL with an overview of all Live Defects
and their stage in the process. POL was invited to decide how they would use
a report if one was shared on a regular basis;2°
e. Fujitsu also defined a role for a Problem, Defect and Quality Manager,
responsible for keeping POL informed of, and driving the resolution of,
defects, and identified an internal Fujitsu candidate, Matthew Hatch who took
the role from 1 January 2022;204
f. In January 2022, Fujitsu extended the use of Demand Planning to show all
releases to which defects had been assigned;?°>
g. In February 2022, Fujitsu introduced Live Defect monthly reporting to the
POA Business Review pack;2 the first example of which is appended.2°”
Around this time, Fujitsu also introduced Live Defect monthly reporting to the
POA stack managers;?° the first example of which is also appended;?°9
h. — In August 2022, following joint discussions with POL, Fujitsu implemented
fortnightly reporting to POL of all Horizon Live Defects. Fujitsu launched the
fortnightly reporting on 5 August 2022, and it remains in place.?'°
203 POA Improvements Log, FUJ00232822 (v 0.7 dated 24 January 2022)
204 POA Improvements Log, FUJ00232995 (v 0.11 dated 4 September 2023)
205 POA Improvements Log, FUJ00232822 (v 0.7 dated 24 January 2022)
206 POA Improvements Log, FUJ00232995 (v 0.11 dated 4 September 2023); Live Defect Management
Update HNG Business Review - August 2023, FUJ00232994, dated 1 September 2023
207 FUJ00232858, dated 1 November 2022
208 POA Improvements Log, FUJ00232995 (v 0.11 dated 4 September 2023)
209 FUJ00232824, dated 17 February 2022; FUJ00232825, dated 17 February 2022
210 POA Improvements Log, FUJ00232995 (v 0.11 dated 4 September 2023); POL HNG-X All Live Defects
Report, FUJ00232856, dated 12 August 2022; Email from S. Browell to R. Gogna and P. Smith,
Page 101 of 218
WITN06650400
WITN06650400
i. Since October 2022, HDR reporting by Fujitsu also includes all ‘Deferred Live
Defects’ (defects within Horizon that are previously approved at a release
closure meeting with POL) and ‘Project Live Defects’ (e.g., Payment and
Banking Services) which are also discussed separately in specific project
steering groups;2"1
j. From August to November 2022, a review of all KBAs was completed to
ensure that any defects identified by Fujitsu were also held in Peak and hence
subject to all the tracking, reporting, updating and controls embedded into the
systems and processes, as described above;?'? and
k. Following the KBA review, it was identified that there were some defects
which Fujitsu had not been asked to manage and rectify by POL. This led
Fujitsu to introduce a new category of ‘Accepted Live Defect’ to the defect
reporting regime which was visible to POL. This concept was implemented in
November 2022 and communicated to POL on 2 December 2022.?15
169. Many of the above changes were followed by various account wide cascades
(including live and recorded training sessions)?"* of ways that defects can now be
FUJ00232855, dated 12 August 2022; Instructions on how to complete the POL All Live Defects Report
were formally added in November 2022 to the POA Defect Management Reporting (SVM/SDM/PRO/4695),
FUJ00232859 (v 0.5 dated 9 November 2022)
211 POA Defect Management Reporting (SVM/SDM/PRO/4695), FUJ00232857 (v 0.1 dated 3 October
2022); FUJ00234993 (v 3.0 dated 26 April 2024)
212 POA Improvements Log, FUJ00232995 (v 0.11 dated 4 September 2023)
213 POA Improvements Log (WIP), FUJ00232995 (v 0.11 dated 4 September 2023); Post Office Account
Defect Management Reporting (SVM/SDM/PRO/4695), FUJ00232865 (v 0.7 dated 7 December 2022);
Email chain from M. Hatch to R. Gogna and L. Millar with subject “HNG-X - All Live Defects Report for POL
- 16.02.2023” dated 1 March 2023, FUJ00232874; Email from M. Hatch to P. Smith and L. Millar copying
“POA Duty Manager’, S. Bansal, S. Bothick, and S. Browell FUJ00232875, dated 2 December 2012; HDR
Defects Update Report, FUJ00232876, dated 2 December 2022
214 Transcripts of recorded training sessions: FUJ00243261 ; FUJ00243263; FUJ00243265; FUJ00243267
Page 102 of 218
WITN06650400
WITN06650400
tested, monitored, reported on, managed and rectified.2‘° The new processes of
working were communicated via a series of briefings to specialist support staff who
were using either Peak or TfSNow, including Major Account Controllers, Third Line
Support, Fourth Line Support and Architects;2'® some examples of these briefings
have been appended.?1” POA stack managers were also briefed on updates to the
Live Defect Management processes in 2022; an example of which is appended.?'®
170. The end-to-end procedure now followed in relation to the Incident Management
Obligations is set out in detail in the ‘POA Live Defect Management Procedures’
(with internal reference SVM/SDM/PRO/4313).2'° This procedure document “pulls
together the many working processes from many teams to present a consolidated
view of the POA end-to-end process of Live Defect Management’, such processes
already being in place at the time of drafting. Whilst the consolidation of these end-
to-end processes and procedures had been in progress for some time, for
transparency, I understand that their completion was prompted by receipt of the
Request from the Inquiry for this corporate statement.
215 POA Improvements Log, FUJ00232995 (v 0.11 dated 4 September 2023)
216 Live Defect Management on POA, FUJ00232753, dated 22 October 2021
217 Live Defect Management on POA, FUJ00232753, dated 22 October 2021; Live Defect Management on
POA, FUJ00232847, dated 15 March 2022; POA Improvements: Communicating the Changes
FUJ00232743, dated 21 September 2021
218 Live Defect Management: Stack Owner Update, FUJ00232849, dated 31 May 2022
219 FUJ00233141 (v 1.0 dated 17 October 2023)
Page 103 of 218
WITN06650400
WITN06650400
THE PRIVILEGED ACCESS OBLIGATIONS
171. I understand that access rights and privileges by employees to remedy errors in
transaction data and branch accounts forms part of the area known as ‘access
control’, an aspect of information security.
172. As with the Incident Management Obligations above, this section of the corporate
statement addresses (i) the overarching Privileged Access Obligations in place
during each of the three contractual phases previously described as set out in the
Horizon contract and relevant CCDs, (ii) the Operational Services relevant to
Privileged Access and the relevant contractual provisions surrounding those
services, and (iii) the measures in place throughout the Relevant Period to ensure
compliance with the Privileged Access Obligations.
The Codified Agreement (28 July 1999 to 30 December 2002)
173. Pursuant to clause 106.10 (General Principles), Fujitsu was required to “deliver
and continue to provide a secure system in respect of all transactions which as far
as this Codified Agreement requires eliminates the potential for any fraud or
unauthorised disclosure of data and provides detection procedures and significant
barriers to attacks from internal conspiracy and collusion to defraud [POL]’.
174. Pursuant to clause 201 (Performance of Core System Services) Fujitsu was
responsible, subject to certain qualifications, for meeting POL’s requirements
specified in Schedule A15 of the Codified Agreement, in accordance with the
Page 104 of 218
WITN06650400
WITN06650400
‘Solutions’ specified in Schedule A16 by performing the ‘Core System Services’
(i.e., those services specified in clause 201.3). Of most relevance were:
a. Requirement 526 (POCL Implementation — Supporting Services: Help Desk
Resolution of Reported Incidents): It was required that “[a]// reported
Incidents shall be resolved in line with Service Levels”.
b. Requirement 698 (General — Security: Policy): Fujitsu was required to
establish “an organised security infrastructure”. This infrastructure covered,
amongst other things, the following areas: “the agreement of a security
policy... allocation of security responsibilities...security education and
training ...reporting security incidents... control of Software... safeguarding
[POL] records... compliance with data protection and other legislation...
compliance with security policy.... The management of fraud and risk during
service operation”. Fujitsu was also required to comply with British
information security standard BS7799 (“BS7799"), further detail in relation
to which is set out below.
c. Requirement 699 (General — Audit Trail): This Requirement included
various obligations, including that ‘[t]he information recorded shall be
sufficient to identify the action, by whom it was undertaken, when it was
undertaken, why it was undertaken, where it was undertaken and the
resulting outcome”.
175. Pursuant to clause 106.3 (General Principles), the POCL Services and the POCL
Infrastructure was to be provided in accordance with, and comply with, all relevant
Page 105 of 218
WITN06650400
WITN06650400
applicable industry standards, as listed in Schedule A2. Amongst other things, as
with Requirement 698, paragraph 4.1.2 of Schedule A2 (Standards) to the Codified
Agreement required Fujitsu to establish “an organised security infrastructure”.
Furthermore, paragraph 4.1.3 contained an obligation to comply with BS7799,
which was a two-part standard introduced by the British Standards Institution
(‘BSI’) in 1995. Part 1 of BS7799 was a code of practice containing
recommendations on how to develop sound information security infrastructure.
Part 2 of BS7799 was a specification focused on how to implement an information
security management system. 22° These obligations mirrored the terms of
Requirement 698 in Schedule A15.
176. In addition to the terms of the Codified Agreement, I understand from the records
available to Fujitsu that from as early as October 1996, Fujitsu and POL had
agreed a ‘Security Policy’ (a CCD with internal reference RS/POL/002).?21 The
Security Policy was said to define Fujitsu's “policy for the protection of its assets
(including hardware, applications, databases, network and documentation) against
loss of confidentiality, integrity and availability. It will also ensures compliance with
legislative and commercial requirements”.
177. The Security Policy was amended and updated from time to time. However, in
each of the approved Security Policies in place during the time of the Codified
Agreement,?2? control of access to Fujitsu’s systems and data was stated to be in
220 See paragraph 4.1.3 of Schedule A2 (Standards)
221 FY J00001266 (v 3.0 dated 8 October 1996).
222 FJ00001266 (v 3.0 dated 8 October 1996), FUJ00001294 (v 4.0 dated 30 April 1999); FUJ00232455
(v 5.0 dated 13 November 2000); FUJ00232457 (v 6.0 dated 20 November 2000); FUJ00232499 (v 7.0
dated 28 May 2002)
Page 106 of 218
WITN06650400
WITN06650400
accordance with Fujitsu’s ‘Access Control Policy’. Section 7.4 of the Security Policy
stated that the:
“Access Control Policy and its associated Security Procedures will specify:
a clear definition of responsibilities for all authorised users,
Specification of roles and responsibilities for all types of system usage,
control of access to all ICL Pathway system components,
control of access to all data within the ICL Pathway system,
control of access to all stored information and documentation,
control of access to database facilities and tools,
control of access to applications running on servers and workstations,
control of access to the network and network management systems,
procedures for allocation of access rights to IT services,
management, assignment and revocation of privileges,
mechanisms to be used for user identification and authentication,
password management, including password generation and expiry, and
monitoring system access and use of facilities.
Page 107 of 218
WITN06650400
WITN06650400
Accountability of individuals is essential and segregation of duties will be enforced
where appropriate. For particularly critical operations “two person controls” will be
considered.
Wherever authorisation is given orally, normally over a telephone link, additional
verification methods must be used”.
178. I understand from the records available to Fujitsu that the earliest identified
approved Access Control Policy (RS/POL/003) dates from April 1997225 and that
the policies in place during the time of the Codified Agreement were version 3.0
dated 18 December 1998 (which aligned with the Pathway Programme), version
4.0 dated 16 July 2002 and version 5.0 dated 28 August 2002.24
179. Versions 4.0 and 5.0 of the Access Control Policy, which relate to Legacy Horizon,
specified the following in relation to ‘Application Support’, defined as “2nd, 3rd and
4th line”:
a. “...no application support users have access to Post Office counter
systems except as allowed for [below]. Errors here are diagnosed using
logs of events extracted via Tivoli’ (section 4.5.5);
b. “All support users with access to the Post Office Account Data Centre
must do so using NT controlled workstations in a secure workstation
environment as defined in 3.3. (For SSC, the secure environment must
223 FUJ00117497
224 FUJ00087993 (v 3.0 dated 18 December 1998); FUJ00088018 (v 4.0 dated 16 July 2002);
FUJ00088046 (v 5.0 dated 28 August 2002)
Page 108 of 218
WITN06650400
WITN06650400
include a firewall to restrict traffic between the test rigs and the secure
LAN, though the workstation gives access to both Data Centres and test
rigs)” (section 4.5.5.1);
c. I Support users should have only read access to the supported systems,
except for:
e SSC support managers (not normal SSC support users)
“correcting” data under controlled conditions. (Data may need
to be corrected where it has been corrupted by faulty code.)
Correction of data must be subject to agreed authorisation
procedures...” (section 4.5.5.3);
d. In version 5.0 onwards, “Remote access to FTMS Gateways and
Counters is managed and supported using SSH client on a support
Terminal Server’ (section 4.5.5.3); and
e. “Inall cases, updates to code or data by application support staff require
two staff to be present when the change is made and all such changes
to be audited, identifying what has been changed (before and after
values) and the individual who made the change” (section 4.5.5.4).
Varied and Restated Agreements (31 December 2002 to 15 August 2006)
180. Security was specifically addressed in clause 8 of the Varied and Restated
Agreements. This clause required that Fujitsu (amongst other things):
Page 109 of 218
181.
WITN06650400
WITN06650400
a. “provide a secure system in respect of all transactions which...eliminates the
potential for any fraud or unauthorised disclosure of data and provides
detection procedures and significant barriers to attacks from internal
conspiracy and collusion to defraud Post Office” (see clause 8.1);
b. “use all reasonable endeavours to maintain the security of the Services”
(see clause 8.3); and
c. “comply with the security requirements set out in Schedule 2”
(see clause 8.3).
From at least the Varied and Restated Agreement dated 5 July 2005 (version 5.0),
clause 8.7 also included the following exclusion regarding the “accuracy,
completeness, validity or integrity of any data (including, without limitation, any
Personal Data)” relating to POL FS Data. “POL FS Data’ was defined as that data:
a. “provided by or on behalf of Post Office for loading onto the POL FS System”
(clause 8.7.1.1);
b. “produced by the Horizon Service Infrastructure and held on the POL FS
System” (clause 8.7.1.2); and
c. “contained in any Transaction Correction Record delivered by Fujitsu
Services to any Branch” (clause 8.7.1.3).
Page 110 of 218
WITN06650400
WITN06650400
182. Set outin paragraph 27 above are the general undertakings given by Fujitsu in the
Varied and Restated Agreements and which applied to the Relevant Obligations.
These undertakings are not repeated here.
183. Schedule 2 identified the policies and standards which apply to the Services
performed by Fujitsu. In particular:
a. As was the case under the Codified Agreement, Fujitsu was required,
amongst other things, to maintain “organised security infrastructure”.
b. Fujitsu was also required to be compliant with international information
security standard ISO 17799 (“ISO 17799”), the successor to Part 1 of
BS7799, which was adopted by the International Organisation for
Standardisation in around 2000.
c. Paragraph 4.1.5 also required under the heading ‘Data Security’ that “[t]he
confidentiality, integrity, validity and completeness of data shall be
maintained through all storage, processes and transmissions, including
during periods of Service Failure and recovery from Service Failure”. To the
extent that any issue with data integrity was identified, this provision would
also form part of the Incident Management Obligations whilst the problem is
investigated and resolved.
184. During the period of the Varied and Restated Agreements, the Security Policy
(RS/POL/002) remained in place, albeit it was amended from time to time. As was
the case during the time of the Codified Agreement, the Security Policy in place
Page 111 of 218
WITN06650400
WITN06650400
during the currency of the different versions of the Varied and Restated
Agreement?5 required that control of access to Fujitsu’s systems and data be in
accordance with Fujitsu’s Access Control Policy (RS/POL/003). Approved versions
of the Access Control Policy (RS/POL/003) dating from within the period of the
Varied and Restated Agreements are exhibited to this corporate statement.?26
185. In relation to the Access Control Policies (RS/POL/003) in place during the Varied
and Restated Agreements, section 4.5.5 provided further detail regarding access
controls for support staff when accessing Horizon for the purpose of Application
Support. The provisions contained in these versions of the Access Control Policy
are substantially the same as those set out above in respect of the Codified
Agreement, save that the reference to “NT controlled workstations’ in section
4.5.5.1 was replaced with “Windows controlled workstations” from version 7.0 of
the Access Control Policy dated 14 April 2005 onwards.
The HNG-X Agreements (31 August 2006 to Present)
186. In asimilar vein to the Codified Agreement and Varied and Restated Agreements,
Fujitsu was required to maintain an “organised security infrastructure” (paragraph
4.1 of Schedule A4) and, during this time, to comply with international information
security standard ISO 27001 (“ISO 27001”), the successor to Part 2 of BS7799,
225 FUJ00001675 (v 8.0 dated 2 September 2002); FUJ00001748 (v 9.0 dated 24 January 2003);
FUJ00232542 (v 10.0 dated 11 November 2004); FUJ00232554 (v 11.0 dated 23 June 2006);
FUJ00002046 (v 12.0 dated 5 April 2007)
226 FUJ00088046 (v 5.0 dated 28 August 2002); FUJ00088087 (v 6.0 dated 8 August 2003); FUJ00088155
(v 7.0 dated 14 April 2005)
Page 112 of 218
WITN06650400
WITN06650400
which was adopted by the International Organisation for Standardisation in around
November 2005.
187. Paragraph 4.1.3 of Schedule A4 stipulated that security for the “Services, HNG-X
Development, Associated Change Development and Equipment’ was to be
managed and organised by Fujitsu in accordance with (i) the Security Policy
(RS/POL/002), and (ii) a 'New CCD’ entitled ‘Security Management Service:
Service Description’ (SVM/SDM/SD/0017) (the “Security Management Service
Description”) when it came into effect upon the commencement of “HNG-X
Project Workstream X4 (HNG-X Application Rollout)”.22”
188. As with the Security Policy (RS/POL/002) described in this corporate statement,
the Security Management Service Descriptions (SVM/SDM/SD/0017) in place
during the period of the HNG-X Agreements also state that system access controls
were defined in the Access Control Policy (RS/POL/003). Approved versions of the
Security Management Service Description (SVM/SDM/SD/0017)?28 and Access
Control Policy (RS/POL/003) 22° in place within the period of the HNG-X
Agreements are exhibited to this corporate statement.
189. Inrelation to the Access Control Policy (RS/POL/003) in place during this period,?°°
section 4.5.5 provides further detail regarding access controls for support staff
227 Schedule B3.1 of the HNG-X Agreements
228 FUJ00088180 (v 1.0 dated 24 August 2006); FUJ00088337 (v 2.0 dated 31 December 2008);
FUJ00088683 (v 3.0 dated 15 October 2010); FUJ00088868 (v 3.5 dated 25 November 2013);
FUJ00088869 (v 4.0 dated 4 December 2013); FUJ00088897 (v 5.0 dated 4 April 2014); FUJ00089152 (v
6.0 dated 21 May 2015); FUJ00232973 (v 8.0 dated 23 April 2023); FUJ00235003 (v 9.0 dated 25
September 2023)
223 FUJ00088442 (v 8.0 dated 2 June 2009)
230 FUJ00088155 (v 7.0 dated 14 April 2005); FUJ00088442 (v 8.0 dated 2 June 2009)
Page 113 of 218
WITN06650400
WITN06650400
when accessing Horizon for the purpose of Application Support. The provisions
contained in this section are the same as those described in respect of version 7.0
of the Access Control Policy (RS/POL/003) described above, including the
reference to a “Microsoft controlled workstation”.
190. These provisions remained largely in place until the end of the Relevant Period.
Amendments which Fujitsu considers to be of importance to this corporate
statement appear to have been as follows:
a. The CCD entitled ‘RMGA Information Security Policy’ (SVM/SEC/POL/0003)
was introduced by CCN 129471 and effective from 27 December 2011 (the
“Information Security Policy”).2°2 This contained a further set of provisions
relating to access control. These included the following in section 11.2.4
under the ‘Privilege Management’ heading:
“The allocation and use of privileges shall be restricted and controlled.
The principle of Least Privilege means that each subject in a system
is granted the most restrictive set of privileges (or lowest clearance)
needed for their job.
The system will maintain the clearances and authorisations granted to
users, and access to information will be consistent with users’
clearances and privileges.
231 FUJ00001048, dated 15 March 2012
232 FUJ00088496 (v 5.0 dated 15 September 2009)
Page 114 of 218
WITN06650400
WITN06650400
Access to System Administration accounts will be strictly controlled.
Knowledge of the passwords and authentication for system
administrator accounts will be restricted to the authorised system
administrators.
System administrators will be allocated and use a unique identifier,
and the passwords will be subject to more frequent refresh than normal
user account standards.
The use of system administration accounts will be kept to a minimum.
Segregation of responsibilities will ensure that no privileged user can
cover up unauthorised actions, and a continuous record of all system
administration commands, and the use of powerful system utilities, will
be maintained securely”.
b. Version 5.0 of the Information Security Policy (SVM/SEC/POL/0003) was
revised in version 6.0 dated 23 January 2014.?°3 The revised Information
Security Policy did not contain an express reference to access control.
However, it referred to the ‘Post Office HNG-X Account ISMS (or Information
Security Management System) Manual (SVM/SEC/MAN/0003), 234 which
stated that every individual working with the account should comply with the
obligations set out therein, including (amongst others):
233 FUJO0002566
234 FUJ00232655 (v 5.0 dated 30 April 2014), withdrawn on 31 May 2017 (FUJ00235006)
Page 115 of 218
WITN06650400
WITN06650400
(i) “The methodology behind the granting of access must work on the
principle that access should be denied unless specifically permitted
and the principle of least privilege must apply to restrict the access
rights of users whether human or non-human” (section 11.1.1.1); and
(ii) I “The POA Security Operations Team shall undertake a monthly
review of the access granted to individuals and its continued
appropriateness” (section 11.2.2).
c. From version 10.0 of the HNG-X Agreement dated 10 September 2015
onwards:
(i) paragraph 4.1.2 of Schedule A4 required compliance with ISO 27001
“except for the Salesforce Support Service’.
(ii) paragraph 4.1.3 of Schedule A4 required “Services, HNG-X
Development, Associated Change Development and Equipment’ be
managed and organised by Fujitsu in accordance with the Security
Policy (RS/POL/002) or Information Security Policy
(SVM/SEC/POL/0003) as applicable.235
d. The reference to the Security Policy was subsequently removed in version
13.0 of the HNG-X Agreement dated 23 November 2020.2%6
235 FUJO0002070 (v 1.0 dated 25 July 2008); FUJ00232606 (v 2.0 dated 5 August 2008); FUJ00002073 (v
3.0 dated 20 October 2008); FUJ00088338 (v 4.0 dated 12 February 2009); FUJ00088496 (v 5.0 dated 15
September 2009); FUJ00088874 (v 6.0 dated 23 January 2014)
236 FUJ00000003
Page 116 of 218
WITN06650400
WITN06650400
OPERATIONAL SERVICES RELATING TO PRIVILEGED ACCESS
191. As with the Incident Management Obligations addressed above, during the
Relevant Period there were a number of Operational Services that required the
use of Privileged Access to perform their functions. Most notable were the,
(i) Engineering Service, (ii) Third Line Support Service, and (iii) Reconciliation
Service, each of which are addressed in turn below:
a. Engineering Service: As noted in the context of the Incident Management
Obligations above, the Engineering Service was required under the Horizon
Engineer Service Description (CS/SER/005) and subsequently under the
HNG-X Engineering Service Description (SVM/SDM/SD/0002) to carry out
Transaction Recovery following communications outages through visits to
branches. This obligation remained in place from at least 31 December
20022%” to the “Trigger Point T6 (HNG-X Application Roll Out Complete)”. As
noted above, the Transaction Recovery provisions were withdrawn in version
5.0 of the HNG-X Engineering Service Description (SVM/SDM/SD/0002).298
b. Third Line Support Service: As noted in the context of the Incident
Management Obligations above, the Horizon Third Line Support Service
Description (CS/SER/009), required Third Line Support to recover
transactions from branches where the solution offered by the Engineering
Service was not able to be deployed.”*° This obligation was removed from
237 FUJ00001732 (v 1.0 dated 19 December 2002)
238 FUJ00002445, dated 3 July 2012
239 FUJ00001735 (v 1.0 dated 19 December 2002)
Page 117 of 218
WITN06650400
WITN06650400
the HNG-X Third Line Support Service Description (SVM/SDM/SD/0004).24°
Although there was no specific reference in the relevant service descriptions
to a requirement for Third Line Support to use Privileged Access in any other
circumstance, there were references to other uses of Privileged Access in
the Access Control Policy (RS/POL/003), including the need for Third Line
Support Managers (as opposed to “normal...support users”) to correct data
under controlled conditions, in particular where the data had been “corrupted
by faulty code”.241
c. Reconciliation Service: With regards to the Privileged Access Obligations,
the Reconciliation Service CCD most relevant was the TPS Reconciliation &
Incident Management Procedure (CS/PRO/111). 742 This procedure
contained an obligation in respect of certain ‘Data Errors’ for the
Reconciliation Service to carry out data “repair”. The details of such repairs
would then be reported to POL. The correction of ‘Errors’ and ‘Exceptions’,
and the insertion of corrective transactions, was also referred to in the HNG-
X Reconciliation Service Description (SVM/SDM/SD/0015), however, no
specific reference was made to cash accounts.”43 In both CCDs, where it was
240 FUJ00002023 (v 1.0 dated 31 August 2006)
241 FUJ00117497 (v 1.0 dated 17 April 1997); FUJ00087989 (v 2.0 dated 24 February 1998); FUJ00087993
(v 3.0 dated 18 December 1998); FUJ00088018 (v 4.0 dated 16 July 2002); FUJ00088046 (v 5.0 dated 28
August 2002); FUJ00088087 (v 6.0 dated 8 August 2003); FUJ00088155 (v 7.0 dated 14 April 2005);
FUJ00088442 (v 8.0 dated 2 June 2009)
242 FUJ00001627 (v 2.0 dated 30 April 2002); FUJ00001726 (v 4.0 dated 19 December 2002);
FUJ00001967 (v 5.0 dated 17 October 2005)
243 FUJ00079994 (v 1.0 dated 31 August 2006); FUJ00080073 (v 2.0 dated 14 July 2009); FUJ00080196
(v 3.0 dated 1 December 2010); FUJ00080254 (v 4.0 dated 3 December 2013); FUJ00003440 (v 5.0 dated
3 December 2019); FUJ00003449 (v 6.0 dated 3 June 2020); FUJ00232852 (v 7.0 dated 7 June 2022);
FUJ00235002 (v 8.0 dated 12 February 2024)
Page 118 of 218
WITN06650400
WITN06650400
necessary for the Reconciliation Service to correct an Error or Exception,
POL was to be provided with information relating to the Error or Exception.
SUMMARY OF MEASURES RELATING TO PRIVILEGED ACCESS
192.
193.
The Privileged Access Obligations were primarily addressed through the provision
of the Security Management Service and by staff supporting specific Operational
Services who held access rights and privileges to remedy errors in transaction data
and branch accounts, including staff working on the Reconciliation Service, the
Engineering Service and the Third Line Support Service.?*4 Fujitsu is aware of
evidence which has been given in the Inquiry to date that, in certain instances,
Fujitsu specialist support staff, predominantly in Third Line Support, required
Privileged Access to perform actions necessary to remedy errors in transaction
data and branch accounts. Privileged Access was restricted to certain “application
support users” within Third Line Support and was referred to as APPSUP privileges
throughout the majority of the Relevant Period.
A summary of the Security Management Service and the policies, processes and
procedures that governed its operation during the Relevant Period is set out below.
In each section, as requested by the Inquiry, reference is made to relevant sections
of the Previous Corporate Statements where appropriate. At the Appendix to this
statement, Fujitsu has prepared a table setting out the policies, processes and
244 See, for example, the Service Descriptions for the Reconciliation Service (CS/PRO/111) at §3.17,
Engineering Service (CS/SER/005) at §3.8, and Third Line Support Service (CS/SER/009) at §3.14.
Page 119 of 218
WITN06650400
WITN06650400
procedures it has identified as applying to these services during the Relevant
Period.
194. It has been explained to me that, as was the case with the Incident Management
Obligations, there was an overlap in the policies, processes and procedures
relating to the Privileged Access Obligations under the Codified and Varied and
Restated Agreements. For this reason, the summaries set out below are broadly
divided into the policies, processes and procedures relating to the Privileged
Access Obligations under (i) the Codified and Varied and Restated Agreements,
and (ii) the HNG-X Agreements.
Codified and Varied and Restated Agreements
Security Management
195. During the Codified and Varied and Restated Agreements, Fujitsu established the
Security Management Service*** to provide security-related activities required for
compliance with relevant standards (for example, BS7799 and ISO 27001). These
activities included establishing and maintaining an organised security
infrastructure and monitoring security-related operations. In relation to the
Privileged Access Obligations, contemporaneous documents indicate that Fujitsu
developed and/or established the following policies, processes and procedures to
establish an organised security infrastructure before the rollout of Legacy Horizon:
245 Security Management Service (CS/SER/016), FUJ00001743 (v 1.0 dated 6 January 2003);
FUJ00172022 (v 2.0 dated 2 December 2004); FUJ00232550 (v 3.0 dated 6 March 2006)
Page 120 of 218
WITN06650400
WITN06650400
a. Security Policy*°, which set out the roles and responsibilities for individuals,
teams and bodies in relation to the security function;
b. Access Control Policy”*’, which related to a number of requirements and
standards (for example, BS7799), and defined the policy for controlling
access to Horizon in compliance with the Security Policy, including changes
to code or data by application support staff and the use of secure workstation
environments. Details relating to the relevant content of the Access Control
Policy are provided above. Of relevance, the Access Control Policy provided
that all updates to code or data by application support staff required that two
staff be present when the change was made and all such changes were to
be audited, identifying what had been changed and the individual who made
the change.48
246 Pathway Security Policy (RS/POL/002), FUJ00001266 (v 3.0 dated 8 October 1996); FUJ00001294 (v
4.0 dated 30 April 1999); FUJ00232455 (v 5.0 dated 13 November 2000); FUJ00232457 (v 6.0 dated 20
November 2000); FUJ00232499 (v 7.0 dated 28 May 2002); FUJ00001675 (v 8.0 dated 2 September 2002);
FUJ00001748 (v 9.0 dated 24 January 2003); FUJ00232542 (v 10.0 dated 11 November 2004);
FUJ00232554 (v 11.0 dated 23 June 2006); FUJ00002046 (v 12.0 dated 5 April 2007)
247 Access Control Policy (RS/POL/003), FUJ00117497 (v 1.0 dated 17 April 1997); FUJ00087989 (v 2.0
dated 24 February 1998); FUJ00087993 (v 3.0 dated 18 December 1998); FUJ00088018 (v 4.0 dated 16
July 2002); FUJ00088046 (v 5.0 dated 28 August 2002); FUJ00088087 (v 6.0 dated 8 August 2003);
FUJ00088155 (v 7.0 dated 14 April 2005); FUJ00088442 (v 8.0 dated 2 June 2009)
248 See, eg, Access Control Policy (RS/POL/003), FUJ00087993 (v 3.0 dated 18 December 1998) at §8.7.3;
FUJ00088018 (v 4.0 dated 16 July 2002); FUJ00088046 (v 5.0 dated 28 August 2002); FUJ00088087 (v
6.0 dated 8 August 2003); FUJ00088155 (v 7.0 dated 14 April 2005); FUJ00088442 (v 8.0 dated 2 June
2009)
Page 121 of 218
WITN06650400
WITN06650400
c. Security Functional Specification?*°, which defined the security functionality
and controls incorporated into the POA and Horizon, including, access rights;
and
d. Security Management Procedures 75° (“Security Procedures”), which
defined the security management procedures to be used by Fujitsu, based
on BS7799, including in relation to the use of Privileged Access.
196. The policy, procedure and specification documents provided the basis for the
development of further documentation, systems and tools relating to the Privileged
Access Obligations, including:
a. Guidance for relevant Operational Services teams to perform Privileged
Access, for example, the support guide for the OpenSSH client, which was
used to provide secure access to remotely managed systems, including
Horizon counters;25"
b. Processes relating to the use of remote access rights and privileges to
remedy errors in transaction data and branch accounts, including the
249 Security Functional Specification (RS/FSP/001), FUJ00087988 (v 3.0 dated 3 December 1997);
FUJ00001293 (v 4.0 dated 12 May 1999); FUJ00088024 (v 5.0 dated 23 July 2002); FUJ00088053 (v 6.0
dated 12 September 2002); FUJ00001747 (v 7.0 dated 24 January 2003); FUJ00088143 (v 8.0 dated 23
March 2005); FUJ00088167 (v 9.0 dated 1 February 2006)
250 Security Procedures (RS/PRO/028), FUJ00088004 (v 1.0 dated 10 May 1999)
251 OpenSSH Support Guide (DE/SPG/003), FUJ00088082 (v 1.0 dated 30 June 2003); FUJ00088099 (v
2.0 dated 9 October 2003); FUJ00088 115 (v 3.0 dated 25 May 2004); FUJ00088140 (v 4.0 dated 9 February
2005); DRS Host Support Guide (NB/MAN/003), FUJ000907 19 (v 5.0 dated 13 April 2005)
Page 122 of 218
WITN06650400
WITN06650400
Operational Change Proposal (“OCP”) 22 and Operational Correction
Request (“OCR”) procedures;?53
c. Work instructions for Third Line Support staff making changes in the Riposte
message stores;?4
d. Requirements definitions relating to user access roles for teams and
individuals delivering the relevant Operational Services, which included
defining the roles and responsibilities for personnel who required access to
the Horizon system;?5° and
e. System design documents for teams and individuals delivering the
Operational Services to access Horizon counters and servers.75°
252 Customer Service Operational Change Procedure (CS/PRD/019), FUJ00232520 (v 0.1 dated 3 May
2000); FUJ00232537 (v 0.4 dated 20 November 2003); FUJ00232538 (v 0.5 dated 24 February 2004);
FUJ00232539 (v 1.0 dated 18 March 2004)
253 CS Support Services Operations Manual (CS/QMS/004), FUJ00232449 (v 1.0 dated 7 November 2000);
FUJ00120446 (v 2.0 dated 29 January 2001)
254 SSC Work Instruction WI1640J, FUJ00152244, dated 29 May 2001
285 Secure Support Role Definitions for SECURENT Build (RS/REQ/023), FUJ00088096 (v 1.0 dated 8
August 2003); FUJ00088104 (v 2.0 dated 18 March 2004); FUJ00088118 (v 3.0 dated 22 July 2004);
FUJ00088132 (v 4.0 dated 4 December 2004); FUJ00088178 (v 5.0 dated 25 May 2006); FUJ00088208 (v
6.0 dated 30 May 2007); Group Definitions for the Secure NT Build (RS/REQ/016), FUJ00232444 (v 1.0
dated 4 November 1999); FUJ00232445 (v 2.0 dated 30 January 2000); FUJ00232447 (v 3.0 dated 18
October 2000); FUJ00232472 (v 4.0 dated 6 February 2001); FUJ00232477 (v 5.0 dated 5 June 2001);
FUJ00232487 (v 6.0 dated 14 January 2002)
258 Secure Support System Outline Design (SY/SOD/009), FUJ00088036 (v 1.0 dated 2 August 2002);
Platform Physical Design for the Secure Access Server (SD/DES/224), FUJ00088064 (v 1.0 dated 24
October 2002)
Page 123 of 218
WITN06650400
WITN06650400
The HNG-X Agreements
Security Management
197. During the HNG-X Agreements, the Security Management Service?5’ continued to
provide security-related activities required for compliance with relevant standards,
which were ISO 27001 during this period. In relation to the Privileged Access
Obligations, these activities were to be carried out in accordance with policy and
procedure documents formulated specifically for HNG-X, including:
a. Information Security Policy,?5* which came to replace the Access Control
Policy;
b. — Information Security Management System (ISMS) Manual, which provided a
high-level overview of the approach and framework used within Fujitsu to
implementing, maintaining and monitoring information security; and?59
c. Additional guidance for relevant Operational Services teams for software
tools used to perform remote access functions in HNG-X, for example the
257 Security Management Service (SVM/SDM/SD/0017), FUJ00088180 (v 1.0 dated 24 August 2006);
FUJ00088337 (v 2.0 dated 31 December 2008); FUJ00088683 (v 3.0 dated 15 October 2010);
FUJ00088869 (v 4.0 dated 4 December 2013); FUJ00088897 (v 5.0 dated 4 April 2014); FUJ00089152 (v
6.0 dated 21 May 2015); FUJ00232973 (v 8.0 dated 23 April 2023); FUJ00235003 (v 9.0 dated 25
September 2023)
288 RMGA Information Security Policy (SVM/SEC/POL/0003), FUJ00002070 (v 1.0 dated 25 July 2008);
FUJ00232606 (v 2.0 dated 5 August 2008); FUJ00002073 (v 3.0 dated 20 October 2008); FUJ00088338
(v 4.0 dated 12 February 2009); FUJ00088496 (v 5.0 dated 15 September 2009); FUJ00088874 (v 6.0
dated 23 January 2014)
289 ISMS Manual (SVM/SEC/MAN/0003), FUJ00232604 (v 1.0 dated 30 April 2008); FUJ00232619 (v 2.0
dated 21 July 2010); FUJ00232652 (v 3.0 dated 21 December 2012); FUJ00232654 (v 4.0 dated 29
January 2014); FUJ00232655 (v 5.0 dated 30 April 2014)
Page 124 of 218
WITN06650400
WITN06650400
Host Branch Database Support Guide, which provided guidance for the SSC
to use the Transaction Correction Tool in the Branch Database (“BRDB’”).2°
198. While I do not have specific first-hand knowledge of the detailed technical
operation of Privileged Access to Horizon during the Relevant Period, I have been
made aware that former members of the SSC have given evidence to the Inquiry
acknowledging that (i) certain documented processes and/or procedures relating
to Privileged Access contained inaccuracies, (ii) it was possible for the SSC not to
follow the documented processes and/or procedures relating to Privileged Access
without detection, (iii) not all actions undertaken using Privileged Access were
audited and/or auditable during certain times within the Relevant Period, and (iv)
it was possible for errors to be made while using Privileged Access that could
impact financial data relating to a Post Office branch. I have also been made aware
260 Host Branch Database Support Guide (DES/APP/SPG/0001), FUJ00088549 (v 1.0 dated 29 October
2009); FUJ00088730 (v 2.0 dated 3 February 2011); FUJ00088797 (v 3.0 dated 21 September 2011);
FUJ00088806 (v 4.0 dated 20 February 2012); FUJ00088836 (v 5.0 dated 21 June 2013); FUJ00089047
(v 6.0 dated 15 January 2015); FUJ00089100 (v 7.0 dated 20 February 2015); FUJ000891 12 (v 8.0 dated
15 April 2015); FUJ00089181 (v 9.0 dated 25 August 2015); FUJ00089219 (v 10.0 dated 14 December
2015); FUJ00089545 (v 11.0 dated 3 January 2017); FUJ00089585 (v 12.0 dated 26 April 2017);
FUJ00089606 (v 13.0 dated 16 August 2017); FUJ00089621 (v 14.0 dated 2 October 2017); FUJ00089676
(v 15.0 dated 15 January 2018); FUJ00234948 (v 16.0 dated 14 May 2018); FUJ00234949 (v 17.0 dated
27 June 2019; FUJ00234950 (v 18.0 dated 16 October 2019); FUJ00234951 (v 19.0 dated 27 March 2020);
FUJ00234952 (v 20.0 dated 16 April 2020); FUJ00234953 (v 21.0 dated 11 December 2020);
FUJ00234954 (v 22.0 dated 28 January 2021); FUJ00234955 (v 23.0 dated 23 July 2021); FUJ00234956
(v 24.0 dated 29 July 2022); FUJ00234957 (v 25.0 dated 1 September 2022); FUJ00234958 (v 26.0 dated
9 May 2024); DRS Host Support Guide (DEV/APP/SPG/0028), FUJ00088546 (v 1.0 dated 28 October
2009); FUJ00234959 (v 2.0 dated 10 June 2013); FUJ00089073 (v 3.0 dated 21 January 2015);
FUJ00234960 (v 4.0 dated 18 July 2016); FUJ00089582 (v 5.0 dated 19 April 2017); FUJ00234961 (v 6.0
dated 24 December 2019); FUJ00234962 (v 7.0 dated 30 March 2020); FUJ00234963 (V 8.0 dated 1
September 2022); FUJ00234964 (v 9.0 dated 20 June 2023); POA User Access Procedure
(SVM/SEC/PRO/0012), FUJ00235010 (v 1.0 dated 27 July 2009); FUJ00089673 (v 11.0 dated 7 November
2017); FUJ00235011 (v 12.0 dated 18 January 2019); FUJ00235012 (v 14.0 dated 19 August 2020);
FUJ00235013 (v 15.0 dated 18 October 2021); FUJ00235014 (v 16.0 dated 1 September 2022);
FUJ00235015 (v 17.0 dated 17 March 2023); FUJ00235016 (v 18.0 dated 20 June 2023); FUJ00235017
(v 19.0 dated 23 August 2023); FUJ00235018 (v 20.0 dated 3 November 2023); POA Privileged Account
Policy (SVM/SEC/POL/4538), FUJ00235007 (v 1.0 dated 28 July 2022); FUJ00235008 (v 2.0 dated 23
March 2023; FUJ00235009 (v 3.0 dated 15 January 2024); FUJ00243144 (v 4.0 dated 23 May 2024)
Page 125 of 218
WITN06650400
WITN06650400
of contemporaneous external audits that raised concerns in relation to Privileged
Access in 2011, 2012 and 2017.261
Changes to the use of access rights and privileges
199. During the first quarter of 2022, POL requested weekly reports from Fujitsu on all
access made by Fujitsu support teams to POL branch counter systems.76? The
report was to be shared by Fujitsu SecOps via HORIce each week and contain
various details of each instance of remote access, including the date and time of
the access.?63 Under approved CWO0574,?°4 weekly reports were due to be
delivered across a 3-month period .26° Under CCN 1718, it was agreed that the
provision of the report would continue as part of the Security Management
Service.?66
200. Fujitsu also considered access rights to non-BRDB databases at this time and
raised CP2831/CP7388 (Refinement of access rights to non-BRDB databases).”6”
CP2831/CP7388 was submitted in January 202276 with the intention to change
all non-BRDB default privileges for Third Line Support staff to “read only’, with
validated logging required to perform approved write-access changes (e.g.,
contractual tasks such as reconciliation and Operational Business Change, or
261 See, for example, FUJ00086945, FUJ00086969, FUJ00086970 and FUJ00087227.
262 CWO No. 0574, FUJ00232844, raised on 1 March 2022
283 CWO No. 0574, FUJ00232844, raised on 1 March 2022
264 FU J00232846, dated 14 March 2022
285 CWO No. 0574, FUJ00232844, raised on 1 March 2022; Change Proposal CP2851/7408,
FUJ00232827, raised on 21 February 2022
266 FUJ00233140, raised on 25 May 2022
287 Refinement of Access Rights to Oracle Databases (ARC/SOL/PSD/4429), FUJ00232848 (v 1.0 dated
31 March 2022)
268 FUJ00232819, dated 18 January 2022; FUJ00232820
Page 126 of 218
WITN06650400
WITN06650400
other POL pre-approved system fixes as documented in the ‘Horizon Data
Changes Process Work Instruction’ (with internal reference
SVM/SDM/PRO/4293), the “Data Changes Work Instruction”).”°9 The CPs also
sought to ensure that all human user actions taken against the non-BRDB
databases were fully logged and written to the Audit Archive.2”°
201. Pursuant to CP2876/CP7433 (Standardise Database Logging Configurations),?”*
in November 2022, the auditing of all human database actions was further revised
to include the BRDB.
Changes to APPSUP.
202. On 18 October 2016 under MSC 043J0451867, Fujitsu removed the default
privilege APPSUP role from user access on BRDB and made it an on-demand,
pre-approved and controlled allocation of temporary rights.2’? This is documented
in the Data Changes Work Instruction (SVM/SDM/PRO/4293).
203. Further, in May 2021, Fujitsu implemented a new jointly defined and agreed
process with POL for APPSUP usage.?’3 The Data Changes Work Instruction
describes all scenarios under which Fujitsu may be required to amend live data.
269 FUJ00232989 (v 1.1 dated 1 August 2023); FUJ00232991 (v 2.0 dated 11 August 2023); FUJ00234990
(v 3.0 dated 3 May 2024)
270 FUJ00232820
27 Standardise Database Logging Configurations (ARC/SOL/PSD/4703), FUJ00232864 (v 1.0 dated 8
November 2022)
272 FUJ00232670
273 Data Changes Process Work Instruction (SVM/SDM/PRO/4293), FUJ00232719 (v 0.1 dated 28 June
2021)
Page 127 of 218
WITN06650400
WITN06650400
204. Following these changes, Fujitsu revised the documentation of the process for
granting the APPSUP role and how the approvals and evidence of actions would
be recorded. The processes around the temporary granting of the APPSUP role
were defined in Fujitsu's Data Changes Work Instruction and have been further
updated in 2022, 2023 and 2024.274
Transaction Correction Tool
205. On 13 May 2021, Fujitsu decommissioned the Transaction Correction Tool, with
the approval and involvement of POL, under Release 21.51.25 The Transaction
Correction Tool (also known as BRDBX015) provided “a packaged and audited
interface to run defined data correction scripts. This tool allows the Fujitsu SSC to
insert balancing records to transactional, accounting, or stock tables in the BRDB.
The tool was created as making data amendments is highly complex, requiring
many parts of the system to be amended concurrently to ensure data integrity and
avoid errors” .276
Current Position
206. Further to the changes described above, the process currently followed by Fujitsu
support staff when using Privileged Access is set out in the Data Changes Work
Instruction.2”7
274 FU J00232854 (v 1.0 dated 1 August 2022); FUJ00232989 (v 1.1 dated 1 August 2023); FUJ00232991
(v 2.0 dated 11 August 2023); FUJ00234990 (v 3.0 dated 3 May 2024)
275 POA Improvements Log (WIP), FUJ00232995 (v 0.11 dated 4 September 2023)
276 POL00030526, dated 12 February 2021
277 Horizon Data Changes Process Work Instruction (SVM/SDM/PRO/4293), FUJ00234990 (v 3.0 dated 3
May 2024)
Page 128 of 218
WITN06650400
WITN06650400
207. I understand from the RA Report that “APPSUP is not used to correct branch
balance discrepancies or to amend financial transactions. Corrections relating to
branch balance discrepancies are performed by POL using the POL Transaction
Correction Process. APPSUP is used for non-balance impacting actions (such as
stock unit associations, emergency branch opening, or monthly tidying of despatch
reports). Some APPSUP actions can indirectly lead to a balance impact (such as
deleting a corrupt recovery message that is causing a logon loop). Where an action
being taken by Fujitsu using APPSUP could lead to a balance impact, it is POL
that decide if any balance discrepancy correction is required with the branch and
it is POL that take any corrective action required.”278
MONITORING COMPLIANCE WITH THE RELEVANT OBLIGATIONS
208. In the Request, the Inquiry has asked what, if any, internal or external measures
were put in place to monitor Fujitsu’s compliance with the Relevant Obligations
during the Relevant Period, including any changes that have been made to these
measures since 17 December 2019.
209. Fujitsu understands that its compliance with the Relevant Obligations has been
monitored primarily using the following:
a. Review and management forums involving Fujitsu and POL relating to the
performance of Horizon services, including the Service Management Review
Forum (noted above), as well as Operational Review Forums ("Operational
278 POL00030527, 26 February 2021
Page 129 of 218
WITN06650400
WITN06650400
Review Forums”) and the HDR Forum, which are explained below. These
forums were supported by (i) dedicated services within Fujitsu responsible
for monitoring and/or reporting on the performance of Horizon services,
notably the Service Management Service (paragraphs 86 to 100 above) and
the Management Information Service (paragraphs 113 to 127 above), and (ii)
applications, such as HORice,’° to monitor compliance;
b. Contract governance reviews; and
c. — Internal and external audits conducted in accordance with relevant BSI, ISO,
Information Technology Infrastructure Library (“ITIL") and Industry Standard
Audit Methodology (“ISAE") standards, as described in more detail at
paragraph 220 below.
Service management and operational review forums
Service Management Review Forum
210. As noted above at paragraphs 88 to 91, Fujitsu’s performance was reported and
monitored in accordance with the governance framework established by the
Horizon contract. The Service Management Review Forum formed part of this
governance framework, and was ostensibly responsible for monitoring, evaluating
and discussing service and operational issues.
279 For example, on 19 October 2020, Fujitsu observed an internet connectivity issue affecting network
traffic. The issue was affecting all Fujitsu POA services using the internet. The Fujitsu Network Operations
Centre Major Incident Management Team investigated the issue. Fujitsu POA raised multiple high priority
incidents for the affected services from 4:28pm. Around 5:30pm, the connection began to be restored and
affected services started to recover. The SMC monitored the recovery using HORIce; FUJ00232704
Page 130 of 218
211.
WITN06650400
WITN06650400
As noted in paragraphs 88 to 97 above, the Service Management Review Forum
was a monthly meeting attended by representatives of Fujitsu and POL during the
Relevant Period. Its composition, role and responsibilities under the Varied and
Restated Agreements were set out as follows:
a. “Review performance against contracted service levels and agree remedies
payable (if any)”;
b. “Track MTBF [Mean Time Between Failure]’ rates, review operational
reliability of Branch Infrastructure and consider/recommend remedial courses
of action (e.g., full or partial technological refresh or service level relief)”;
c. “Resolve operational issues including, but not limited to those arising from
non-conformance to contracted service levels”;
d. “Release Authorisation: agree the criteria and processes by which releases
would be authorised for release into field trial or live operation and carry out
readiness reviews accordingly’;
e. “Ensure continuous improvement in the ongoing/steady state/business as
usual Service Management environment’;
f. “Review of future change plans to ensure live environment is adequately
prepared”;
g. “Capacity management’; and
Page 131 of 218
212.
213.
WITN06650400
WITN06650400
h. “Monitor and review operations of Operational Business Change
processes’ .280
According to the Varied and Restated Agreements, attendees from POL would
include the Head of Network Support, the Supplier and Service Performance
Manager, and the Commercial Manager. Fujitsu attendees would include the
Customer Service Director and the Infrastructure Service Manager. 28" I also
understand from the POA that the stated purpose and attendees of the Service
Management Review Forum (by reference to their roles) did not change during the
period Legacy Horizon was operational.?6?
It appears that by October 2010, the format of the Service Management Review
Forum changed.?® At least by 2013, the Service and Commercial Review was
discharging similar functions to the Service Management Review Forum. Its terms
of reference are recorded as being:
a. “Ensuring continuous improvement in the service management environment
through pro-active management.”
280 FUJ00000074, Schedule 4, p. 13
281 See, for example, FUJ00000074, Schedule 4, pp. 12-13
282 FUJ00000087 (v 2.0 dated 6 August 2003); FUJ00000079 (v 3.0 dated 5 November 2003);
FUJ00000080 (v 4.0 dated 26 August 2004); FUJ00000081 (v 5.0 dated 5 July 2005); FUJ00000082 (v 6.0
dated 30 November 2005); FUJ00000083 (v 7.0 dated 15 August 2006) (in each case at Schedule 4)
283 Email from L. Brown to T. Atkinson, L. Machin, S. Bothick and others, FUJ00232620, dated 1 October
2010
Page 132 of 218
WITN06650400
WITN06650400
b. “Reviewing Operational Services performance, including against agreed
Service Levels and agreeing remedies payable (if any) in accordance with
the relevant terms of this Agreement.”
c. “Reviewing network performance.”
d. “Reviewing operational reliability of Infrastructure, tracking MTBF rates and
considering/recommending remedial courses of action (e.g., full or partial
technological refresh or Service Level relief).”
e. “Resolving operational issues including, but not limited to, those arising from
non-conformance to agreed Service Levels.”
f. “Reviewing future change plans to ensure the live environment is prepared
for Operational Services.”
g. “Capacity management in relation to Service Management Services.”
h. “Monitoring Operational Business Change processes.”2®4
214. As noted above at paragraphs 91, 120 and 124, the primary input into the Service
Management Review Forum was the Service Management Report, which was a
report prepared by the Management Information Service that reported on the
performance of certain Operational Services provided under the Horizon
contract.?85 As with the review and reporting framework, the precise structure and
284 FUJ00174800
285 Fujitsu was required to “prepare the necessary reports for discussion” at the Service Management
Review Forum meetings. Management Information Service (CS/SER/015), FUJ00120479 (v 1.0 dated 20
December 2002), FUJ00001910 (v 2.0 dated 18 November 2004), FUJ00001965 (v 3.0 dated 8 July 2005)
Page 133 of 218
WITN06650400
WITN06650400
content of the Service Management Report changed during the Relevant Period.
Based on the contemporaneous documents that have been identified to date, there
appears to have been three major iterations of the Service Management Report,
which were titled as follows:
a. ‘Service Review - Performance Statistics’, which appear to have been
produced between 1997 and 2002;786
b. ‘Service Review Book’, which appear to have been produced between 2002
and 2010;287 and
c. ‘Service Management Review / Service & Commercial Review’ meeting
packs, which comprised of multiple documents and appear to have been
produced from 2010 onwards.?8
215. Whilst the content and format of the Service Management Reports changed during
the Relevant Period, the Service Management Reports do seem from the available
records to have been produced and circulated in advance of the monthly Service
Management Review Forum meeting and typically contained information, data and
statistics in relation to the performance of the Operational Services, including in
relation to Service Level Agreements/Targets, problem and incident management,
286 See, for example, FUJ00058221 and FUJ00058213, and other documents disclosed to the Inquiry with
internal reference CS/PER/013
287 See, for example, FUJ00152273 and FUJ00152276, and other ‘Service Review Books’ previously
disclosed by Fujitsu to the Inquiry with internal reference CS/PER/045
288 See, for example, FUJ00232625, FUJ00232626 and FUJ00232627, each of which are attachments to
FUJ00232624; and FUJ00232637, FUJ00232638 and FUJ00232639, each of which are attachments to
FUJ00232636
Page 134 of 218
WITN06650400
WITN06650400
call volumes to the Service Desk and business management issues (e.g., BIMS
reports).289
Operational Review Forums
216. The Service Management Review Forum was supported by monthly Operational
Review Forums that were each responsible for reviewing the performance of a
specific service and any related operational issues, including relevant Service
Level Agreements and operational level agreements.2°
217. I understand that the Operational Review Forums were typically attended by
representatives of Fujitsu and POL,?9' who were expected to (i) report on the
overall performance of the specific part of the service, (ii) identify and record
associated risks, issues and problems with the service, (iii) offer informed opinions
on the service which could be escalated and understood by the Service
Management Review Forum, and (iv) deliver delegated and/or escalated actions
and ensure results were communicated to the Service Management Review
forum.?92
218. Based on the contemporaneous documents identified to date, there were several
Operational Review Forums that reported to the Service Management Review
289 See, for example, FUJ00152274, FUJ00225029 and FUJ00232673.
299 Post Office Account Governance Review, FUJ00174800, dated 2 August 2013, p. 7; See, also, the
‘Service Level Management High Level Process Description’, FUJ00232448 (v1.1 dated 20 October 2000
FUJ00232448, and ‘OBC Branch Operational Review Terms of Reference’ (v 0.4 dated 17 September
2008). Both of these documents appear to have been authored by POL and contain diagrams showing the
structure and reporting of the Operational Review Forums, FUJ00232448
231 FUJ00174800, p. 7
282 Service Management High Level Process Description, FUJ00232448, dated 20 October 2000
Page 135 of 218
WITN06650400
WITN06650400
Forum, including the (i) Helpdesk Forum, (ii) Problem Management Operational
Review Forum, and (iii) Incident Review and Exception BIMS Forum.29%
Other joint customer review meetings
219. In addition to the Service Management Review Forum and Operational Review
Forums noted above, I understand from the POA that Fujitsu and POL have more
recently established joint customer review meetings to allow for additional and
more frequent management of the Operational Services, which include (i) a
‘Weekly Priority Call’, which was established in December 2021 and ended in
December 2023, and (ii) a ‘Hot Topics’ forum, which was established in August
2022.94 These forums are not required under the HNG-X Agreements.
Internal and External Audits
220. In addition to the forums noted above at paragraphs 208 to 218, it has been
explained to me that Fujitsu’s compliance with the Relevant Obligations were
monitored through internal and external audits conducted to the following industry
standards:
a. ISO 9001, which concern ‘general quality’;
b. BS7799, ISO 17799 and ISO 27001, which concern security;
293 For examples of minutes of an Operational Review Forum, see, FUJ00119973. For examples of reports
to the Service Management Review Forum see, FUJ00119974, FUJ00232476, FUJ00232498,
FUJ00232494, FUJ00232448
294 See, for example, FUJ00233142
Page 136 of 218
WITN06650400
WITN06650400
c. BS 1500 and ITIL, which concern problem and incident management; and
d. ISAE 3402, which concern financial statements and reporting, and
associated processes.
221. The standards listed above at paragraph 220 appear to cover a wide range of
topics, however, those most pertinent to the Relevant Obligations appear to
include:
a. Security, incident and problem management;29
b. I Security awareness training;2%
c. Privilege management;29”
d. Quality management;2°° and
e. Customer service.?°
295 See, for example, Assessment Control Page, FUJ00080712, dated 22 March 2004; Assessment Control
Page, FUJ00080799, dated 1 February 2009; Local Security Audit Report — Networks — 2009,
FUJ00080805 (v 1.0 dated 18 August 2009)
296 See, for example, Bureau Veritas Certification External Assessment Report, FUJ00080632, dated 15
November 2013
297 See, for example, Assessment Control Page, FUJ00080630, dated 7 August 2013; Assessment Control
Page, FUJ00080645, dated 20 April 2017
298 Examples of monthly reports on quality management across RMGA/POA dated between April 2011 and
March 2017 include: FUJ00080831 (v 5.1 2011-06 dated 28 June 2011); FUJ00080842 (v 2011-10.0 dated
21 November 2011); FUJ00080950 (v 2016-12 dated 2 February 2017)
299 Quality Management Report (December 2016) (PGM/PAS/REP/0798), FUJ00080950 (v 2016-12 dated
2 February 2017); Assessment Control Page, FUJ00080737, dated 4 October 2005
Page 137 of 218
WITN06650400
WITN06650400
222. For example, on 20 August 2020, POL wrote to Fujitsu to request an audit of the
Horizon services.* It was agreed that Fujitsu would prepare a set of audit reports.
From January to March 2021, Fujitsu delivered six reports on its working practices:
a. ‘SDLC Report’ (with internal reference COM/MGT/REP/4168);°°"
b. ‘Testing & QA Report’ (with internal reference COM/MGT/REP/4166);302
c. ‘The BED Current Process Report’ (with internal reference
COM/MGT/REP/4184),2°5
d. The ‘RA [Remote Access] Report’ (with internal reference
COM/MGT/REP/4165);5%
e. ‘HNGA Robustness (Service Delivery Metrics) Report’ (with internal
reference COM/MGT/REP/4167);3° and
f. ‘The BED Report (29 BED as identified by Fraser J)’ (with internal reference
COM/MGT/REP/4 169).2°°
800 Letter from T. Jowett to W. Warham titled "Re: Horizon Audit", FUJ00232700
31 SDLC Report, FUJ00232715 (v 1.0 dated 29 January 2021)
2 Testing & QA Report, FUJ00232714 (v 1.0 dated 29 January 2021)
3°3 POL00030527, dated 26 February 2021
3°4 POL00030526, dated 12 February 2021
305 HNGA Robustness (Service Delivery Metrics) Report, FUJ00232717 (v 1.0 dated 12 March 2021)
306 POL00030528, dated 22 February 2021
Page 138 of 218
WITN06650400
WITN06650400
Contract Governance Reviews
223. Fujitsu conducts reviews of the governance of the Horizon contracts regularly,
including in January 2021 ,°°7 June 2022,%°8 and September 2022.5°9 As a result of
such reviews, Schedule A2 (Relationship and Governance) was updated in July
2023, 31° and Fujitsu has mapped its contractual requirements to ensure
compliance with its obligations, including updating details of the HDR in Schedule
A2 (Relationship and Governance)."! Changes to Schedule A2 (Relationship and
Governance) are discussed with POL at monthly contractual governance review
meetings, attended by, amongst others, Daniel Walton; an example of which is
appended to this corporate statement.3!2
FINANCIAL PENALTIES
224. The Request further asks whether Fujitsu incurred any financial penalties between
1 January 2000 and 16 December 2019 as a result of non-compliance with the
Relevant Obligations.
225. The contractual structure pursuant to which liability for financial compensation
could be incurred by Fujitsu during this period is set out below. I understand that
this contractual structure is not limited to the Relevant Obligations, and liability for
307 Schedule A2 - Relationship and Governance, FUJ00232818 (updated January 2021)
308 Schedule A2 - Relationship and Governance, FUJ00232851 (updated June 2022)
309 Schedule A2 - Relationship and Governance, FUJ00232986 (updated September 2022)
310 FU J00232984
311 Horizon Defects Review Terms of Reference, FUJ00232985 (v 3.2 dated 3 January 2023)
312 FUJ00232990
Page 139 of 218
WITN06650400
WITN06650400
financial compensation could be incurred by Fujitsu in relation to other contractual
provisions which fall outside the subject-matter of this corporate statement.
226. Where liability was incurred by Fujitsu, it appears that payment was generally
made by way of credit note, which would be offset against the charges payable by
POL. While Fujitsu has identified a number of documents relating to the provision
of credit notes to POL, which have been provided to the Inquiry with this corporate
statement, I understand there are limitations to this data. In particular, (i) Fujitsu’s
financial records relating to the Post Office account prior to 2003 do not appear to
be complete, (ii) in some instances, the records held appear to be duplicative and
it is not possible to identify which is the final version without a forensic accounting
investigation and also supporting witness evidence, and (iii) as indicated above, it
is not the case that all credit notes relate to the payment of financial compensation
for non-compliance with the Relevant Obligations. As a result, it has not been
possible in the time available to identify from the available documentation, for each
credit note, the specific incident which gave rise to the credit note or whether these
incidents related to non-compliance with the Relevant Obligations.
CONTRACTUAL OBLIGATIONS RELEVANT TO FINANCIAL PENALTIES
227. The provision of services by Fujitsu under the Horizon contract was measured
against ‘Service Levels’ and ‘Service Level Agreements’, defined as “quantified
and measurable” standards.*'3 To the extent relevant thresholds within certain
313 Codified Agreement, Schedule A01 (Interpretation); Varied and Restated Agreements, Schedule 1
(Interpretation); HNG-X Agreements, Schedule 1 (Interpretation)
Page 140 of 218
WITN06650400
WITN06650400
‘Service Levels’ and ‘Service Level Agreements’ were not met, POL was entitled
to liquidated damages. Further detail regarding POL’s entitlement to liquidated
damages in respect of the Operational Services most relevant to the Incident
Management Obligations and Privileged Access Obligations is set out in the
Appendix to this corporate statement.
The Codified Agreement (28 July 1999 to 30 December 2002)3"4
228. The main contractual provisions in the Codified Agreement relating to the payment
of compensation by Fujitsu to POL where the provision of services fell below
applicable Service Levels included clause 802 (Service Credits and Delay).Clause
802 noted that, in the event that Service Levels in respect of services specified in
the clause were not achieved, Fujitsu was required to (i) credit POL with Service
Credits (defined as “Payment, discount or credit given by the Contractor to [POL]
resulting from a delay in provision of POCL Services, or from POCL Services’
failure to meet the required Service Levels”)°'> as an adjustment to the charges
payable by POL under the Codified Agreement, or (ii) pay POL liquidated
damages. The calculations for Service Credits and liquidated damages were set
out in the relevant Schedules. The services specified in clause 802 do not appear
to relate to the Relevant Obligations.
229. In addition to the above, pursuant to clauses 210.2 and 301.10.2 of the Codified
Agreement, Fujitsu bore responsibility for the costs of further releases “from time
314 Defined terms contained within this section that are not defined within this corporate statement take the
meanings given to them in the Codified Agreement
315 Codified Agreement, p. 18 (Interpretation)
Page 141 of 218
WITN06650400
WITN06650400
to time as necessary to remedy defects in the provision of the contractual
services.
Varied and Restated Agreements (31 December 2002 to 15 August 2006)°15
230. Fujitsu was also required under the Varied and Restated Agreements to
compensate POL for loss or damage incurred as a result of the provision of
services by Fujitsu falling below applicable Service Levels. The relevant provisions
are identified below:
a. Clause 9.2.4: Provided that “the Services shall be performed in accordance
with all applicable service levels’. The applicable Service Levels were
contained in Schedule 15.
b. Clause 29 — Liquidated Damages and Post Office Additional Cost: In the
event that Fujitsu’s services failed to meet the Service Levels contained in
Schedule 15, Fujitsu was required to pay POL liquidated damages (“a
reasonable and genuine pre-estimate of the loss likely to be suffered” by POL
per clause 29.4) and ‘Post Office Additional Costs’ (as defined in Schedule
15) in the form of credit notes. Liquidated damages were “a reasonable and
genuine pre-estimate of the loss likely to be suffered” by POL (clause 29.4).
c. Schedule 15 (Service Levels and Remedies): Schedule 15 described three
Service Level thresholds:
316 Defined terms contained within this section that are not defined within this corporate statement take the
meanings given to them in the Varied and Restated Agreements
Page 142 of 218
WITN06650400
WITN06650400
(i) the level of service (“Service Level Target” or “SLT”) required from
Fujitsu by POL. Not all SLT failures gave rise to payment of liquidated
damages.
(ii) the level of service which, if not achieved by Fujitsu, gave rise of
payment of liquidated damages by Fujitsu (the “Liquidated Damages
Threshold” or “LDT”)
(iii) The level of service (below the SLT and the LDT) which, if not
achieved, would give rise to payment by Fujitsu of Post Office
Additional Costs or liquidated damages (Additional Remedy Level (or
“ARL”). Post Office Additional Costs were defined in Schedule 1 as
“in respect of the ARL failure in question, [POL]'s reasonable
additional direct costs and expenses arising as a result of that ARL
failure including, without limitation, [POL]’s additional direct staff, help
desk and telephone costs”).
All Service Levels were to be monitored on a weekly and monthly basis, and
failure to meet Service Levels were required to be reported by Fujitsu to POL
in a Service Review Book. The Annexes to Schedule 15 defined Service
Level thresholds for the following groups of services:
Page 143 of 218
WITN06650400
WITN06650400
(i) I Support Desk Services*"’ (this included the following Operational
Services: Engineer Service; Horizon Helpdesk Services and
Technical Service Desk Service);
(ii) I Data Delivery Services;3"®
(iii) I Banking Services;3'9 and
(iv) Miscellaneous Services (including Data Errors).3°
231. The calculation of credit notes in respect of the abovementioned Service Levels is
set out in the Annexes to Schedule 15.
232. In addition to the above, pursuant to clause 6.2 of the Varied and Restated
Agreements, Fujitsu “may issue further Releases of Software...from time to time
as necessary to remedy defects in the provision of the contractual services.
Clause 10 of the Varied and Restated Agreements defined the Charges payable
by POL in relation to the services provided by Fujitsu. It is unclear without
exhaustively examining what comprised the Charges whether the costs of such
releases were required to be borne by Fujitsu or POL. Fujitsu intends to continue
its analysis of the Charges to ascertain this information for the Inquiry but
regrettably this analysis has not been completed at the time of preparing this
corporate statement.
317 Varied and Restated Agreements, Schedule 15, Annex 1
318 Varied and Restated Agreements, Schedule 15, Annex 2
319 Varied and Restated Agreements, Schedule 15, Annex 3
320 Varied and Restated Agreements, Schedule 15, Annex 4
Page 144 of 218
WITN06650400
WITN06650400
HNG-X Agreements (15 August 2006 to 31 December 2019)°2"
233. The HNG-X Agreements also contained obligations for Fujitsu to compensate POL
for loss or damage incurred as a result of the provision of ‘HNG-X Services’ by
Fujitsu falling below applicable Service Levels. The relevant provisions are
identified below:
a. Clause 17 — Service Levels: The HNG-X Services provided by Fujitsu were
to achieve the Service Levels in Schedule C1 (Service Level Principles and
Remedies).
b. Clause 18 (Service Level Remedies): In the event that the Services failed to
meet the Service Levels in Schedules C1 or B4.4 (Existing Service Levels),
Fujitsu was required to pay POL liquidated damages (in the form of credit
notes, unless POL directed otherwise) calculated in accordance with
Schedule C1 or Schedule B4.4.
c. The specified HNG-X Services to which financial compensation applied
under Schedules C1 and B4.4 included:
(i) Support Desk Services (This included the following Operational
Services: Engineer Service; Horizon Helpdesk Services and
Technical Service Desk Service);322
321 Defined terms contained within this section that are not defined within this corporate statement take the
meanings given to them in the Varied and Restated Agreements
322 HNG-X Agreements, Schedule B4.4, Annex 1
Page 145 of 218
WITN06650400
WITN06650400
(ii) I Data Delivery Services; 52°
(iii) I Banking Services;24 and
(iv) I Miscellaneous Services.325
d. As.under the Varied and Restated Agreements, all levels of HNG-X Services
were to be monitored on a weekly and monthly basis, and failure to meet
Service Levels was required to be reported by Fujitsu to POL by means of a
Service Review Book (Schedule B4.4).
234. In addition to the above, pursuant to clause 12.2 of the HNG-X Agreements, Fujitsu
“may issue further Releases of Software...from time to time as necessary to
remedy defects in the provision of’ the contractual services. Clause 21 of the HNG-
X Agreements defined the Charges payable by POL in relation to the services
provided by Fujitsu. It is unclear without exhaustively examining what comprised
the Charges whether the costs of such releases were required to be borne by
Fujitsu or POL. Fujitsu intends to continue its analysis of the Charges to ascertain
this information for the Inquiry but regrettably this analysis has not been completed
at the time of preparing this corporate statement.
LIQUIDATED DAMAGES MECHANISMS
235. In the course of preparing this corporate statement, Fujitsu has identified
mechanisms, set out in paragraphs 237 to 262 below, which exemplify some of the
323 HNG-X Agreements, Schedule B4.4, Annex 2
324 HNG-X Agreements, Schedule B4.4, Annex 3
325 HNG-X Agreements, Schedule B4.4, Annex 4
Page 146 of 218
WITN06650400
WITN06650400
ways in which liability for liquidated damages were incurred and/or reported to POL
during the period 1999 to 2019. Details are provided below by way of example
(with references to supporting documentation) of specific incidents giving rise to
the payment of compensation, the process for agreeing with POL the quantum of
such compensation and the payment of that compensation.
236. In addition to the below, the Inquiry is referred to paragraphs 60 to 63 of the Third
Corporate Statement regarding the commercial resolution and closure of PinICL
PC0066318.
Service Levels
237. It follows from paragraphs 227 to 233 above that, under the Horizon contract, (i) if
the level of service provided by Fujitsu fell below the agreed threshold in respect
of certain services, Fujitsu would be liable to pay liquidated damages to POL, (ii)
payments for liquidated damages where the relevant Service Level thresholds
were not met were to be in the form of credit notes, unless otherwise elected by
POL, and (iii) the calculation of liquidated damages was dependent on the
particular service being provided. Where applicable, the relevant contractual
provisions relating to the payment of liquidated damages for non-compliance with
the Relevant Obligations are set out in the Appendix to this corporate statement.
238. As set out in paragraphs 88 to 91 and 209 to 217 of this corporate statement,
Fujitsu's performance against Service Levels was reported in the Service
Management Report, which fed into the Service Management Review Forum. In
some cases, this included an update on penalties incurred by Fujitsu.
Page 147 of 218
WITN06650400
WITN06650400
239. For example, the Service Management Report for March 2003 referred to penalties
incurred in respect of the Engineering Service. For reference, the SLTs in respect
of the Engineering Service for which liquidated damages applied at this point in
time were set out in paragraph 2.1 of Annex 1 to Schedule 15 of the Varied and
Restated Agreements. The Service Review Book for March 2003 stated that “[t]he
Engineering service penalties have decreased dramatically this month (circa
£24,000) All local, intermediate and remote Service Level Targets for both A and
B priority calls were met in March, and the Engineering Service also achieved at
least 97.9% on all penalty thresholds in all categories. The time to repaid target
was failed however (average 29% of downtime, against 24.5% of time allowed” 526
240. By way of further example, the minutes of the Service Management Review Forum
held on 22 November 2000 record discussion of various payments and reporting
of remedies: “Liz Tuddenham explained that PON is now in a position to agree
March Hardware and Netware figures of £51091.90 and confirmed that the BIMS
figure for the quarter ending August 2000 is agreed as £27900.00. Paul Westfield
expressed concern about the time taken to clear the backlog and Liz explained
that an adjustment factor principle has now been agreed which should speed up
the resolution of these figures. Richard Brunskill and Liz Tuddenham agreed to
work closely to get the remedies standardised and sorted out. After some
discussion it was agreed to issue a credit note for the quarter ending August 2000
subject to any adjustments, by either PON or ICL Pathway, arising from the
checking of remedies. (see AP001107). Richard also produced a summary report
326 FUJ00232540
Page 148 of 218
WITN06650400
WITN06650400
of remedies which he will amend to detail the adjustments and continue to supply
on a monthly basis for each HSRF.”527
Major Incidents
241. From at least 2006, it appears that liquidated damages were payable by Fujitsu in
respect of certain Major Incidents.
242. According to the ‘POA Customer Service Major Incident Process’ (with internal
reference SVM/SDM/PRO/0001), Major Incidents were defined as incidents which
resulted in business being stopped, i.e. “a Post Office down, unable to process any
business, or central system failure which will result in a number of Post Offices
being unable to process work’ (severity level A Incidents), 578 or “a series of
connected lower severity rated Incidents which combine to have a significant
business impact’ .°?° In particular, liquidated damages were incurred in relation to
Major Incidents which constituted an event or series of connected events causing
one or more counters to be unavailable due to a network wide or local failure
(‘Failure Events”). The calculation of liquidated damages in respect of such
Failure Events was by reference to the Counter Availability SLT,*°° and required
agreement between POL and Fujitsu (via the Customer Service Manager Support
327 FUJ00119973
328 POA Customer Service Incident Management Process, FUJ00080003 (v 1.0 dated 6 November 2006)
329 FUJ00079998 (v 1.0 dated 3 October 2006)
330 Branch Network: Service Description (SVM/SDM/SD/0011), FUJ00079996 (v 1.0 dated 31 August 2006)
Page 149 of 218
WITN06650400
WITN06650400
Unit (“CS MSU”) Major Incident Review) regarding the number of branches
impacted by, and the duration of, the Major Incident.3%"
243. The ‘POA Customer Service Major Incident Process’ also stipulated that
information relating to Major Incidents should be recorded in Major Incident
Reports, which were distributed to POL,*°? and Service Review Books.%34
244. For example, the Major Incident Report in respect of “transaction timeouts across
the whole POCL infrastructure" for Debit Card and ETU services on 8 February
2006 set out (i) a description of the incident, (ii) the scale of the impact and actions
taken by Fujitsu in response to the incident, (iii) associated HSD and PEAK
references, and (iv) the duration of the incident.°*4 As a consequence of this
incident, there was “a total of 23819 DCS and 31464 ETU transaction failures” 33°
The minutes of the Horizon Service Management Forum from 24 April 2006 include
a closed Action Point in relation to the “E-top up problem", which was to “ensure
that the compensation figure identified by FS has been ratified by POL”. A credit
note for £162,760 (plus VAT) was subsequently issued on 21 July 2006, with the
service description “E-Top Up Incident Credit’ .5°°
331 POA Customer Service Major Incident Process (SVM/SDM/PRO/0001), FUJ00079998 (v 1.0 dated 3
October 2006)
382 FUJ00079998
333 Branch Network: Service Description (SVM/SDM/SD/0011), FUJ00079996 (v 1.0 dated 31 August
2006); Codified Agreement, Schedule F05, paragraph 6.2
334 FUJ00232549
335 FUJ00232549
336 Horizon Service Management Forum Minutes, FUJ00232552, dated 24 April 2006; Credit Memo No.
8024533, FUJ00232556, dated 21 July 2006
Page 150 of 218
WITN06650400
WITN06650400
245. Depending on their nature, duration and frequency, it appears that Major Incidents
did not always incur liquidated damages if, for example, Service Levels were still
met, or liquidated damages did not apply to certain Service Levels.°5”
BIMS
246. As explained in paragraphs 73 to 75 of the Second Corporate Statement, BIMS
reports were raised to log Business Incidents, defined in relevant Service
Descriptions as a “symptom of an underlying cause — e.g., the effect of the system
fault on the resulting reconciliation or settlement information sent to [POL]”. BIMS
reports were designed to report the progress of a Business Incident to resolution.
247. The CCDs in place in respect of the Reconciliation Service from 31 December
2002 (set out in paragraph 134 above) broadly provided for the following:
a. Fujitsu was required to run a variety of reconciliation reports on a daily basis
for EPOSS/TPS, Network Banking, APS, and the direct debit service. Within
these reconciliation reports, Fujitsu was to identify errors which constituted
‘Business Incidents’ and ‘System Incidents’.
b. Business Incidents were then reported to POL through BIMS, which could be
supplemented, if necessary, by a Manual Error Report (‘MER’).
248. According to the ‘CS Infrastructure Services Operations Manual’ (with internal
reference CS/QMD/006), the CS MSU would meet with POL to agree, on a monthly
387 See for example, document tiled "Commercial Guidance - Applicability of Liquidated Damages to the
Red Alert that occurred on 27/07", FUJ00232650, dated 2 August 2011
Page 151 of 218
WITN06650400
WITN06650400
basis, the level of compensation to be paid by Fujitsu in respect of missing or
erroneous transactions, and/or Major Incidents.*°° Such charges would usually be
in the form of MERs and would be applied via credit notes.*°9
249. Further, the ‘SLA Performance Remedy and Business Incident Payments Process’
(with internal reference CS/PRD/087) stated that the CS MSU was “responsible
for calculating payments in respect of business incidents which under the terms of
the contract attract charges. The majority of business incidents attracting charges
will be identified from TPS Reconciliation Reports and will be raised by CS MSU,
whilst others may be generated by [Fujitsu] SSC or [POL]. Manual Error Reports
will be completed for these business incidents. Once notified of the payments due
by CS MSU, [Fujitsu] Finance Department is responsible for raising credit notes in
respect of these payments”.*° The process for preparing MERs from the BIMs
database appears to have been set out in the document titled ‘Manual Error Report
—Liquidated Damages Costs’ .541
250. According to the ‘Business Incident Management Service High Level Design’ (with
internal reference TD/DES/129):
a. “the transaction (MER) amount for an incident is to be calculated as the sum
of the transaction costs for the incident’; and
338 FUJ00119995 (v 1.0 dated 7 November 2000)
389 FUJ00119995 (v 1.0 dated 7 November 2000)
340 FUJ00232461 (v 1.0 dated 12 December 2000)
41 FUJ00232622, dated 21 December 2010
Page 152 of 218
WITN06650400
WITN06650400
b. “all incidents cleared in a given month where a manual error report contains
chargeable errors” were listed in a BIMS Charging Detail Report, which set
out, amongst other information, the “number and value of transactions that
generated the charge” .*42
251. By way of example, the BIMS Charging Detail Report for February 2010 included
“chargeable errors’ relating to (i) “APS Reconciliation Error’ whereby a “system
bug caused duplicate transactions where the Session ID was used twice” valued
at £126.50, and (ii) a Receipts and Payments mismatch relating to a “Known
system issue where Fastcash and Settle buttons both pressed’, valued at
£150.00.543 The BIMS Charging Detail Reports identified by Fujitsu to date have
been produced to the Inquiry with this corporate statement.
252. If agreement could not be reached between the CS MSU and POL, then a Case
Law Referral (see paragraphs 261 to 262 below) would be completed for Fujitsu’s
Commercial team to discuss and agree a solution with POL’s Commercial team.*44
253. The Accounting & Reconciliation Review Forum (“ARRF”) (renamed TIP
Operational Review Forum in 2001 (“TORF”)) met monthly from 1999 until 2002 to
conduct a review of liabilities and the performance of the CS MSU in respect of
incident handling and resolutions.*4° These reviews were recorded in CS MSU
342 FUJ00140177 (v 2.1 dated 21 November 2001)
343 FUJ00232618
%44 CS Infrastructure Services Operations Manual (CS/QMS/006), FUJ00119995 (v 1.0 dated 7 November
2000)
345 See for example: Monthly Incident Review (June 2000), FUJ00058474 dated 10 July 2000; Monthly
Incident Review (January 1999), FUJ00058362, dated 1 February 1999; Monthly Incident Review (March
2000), FUJ00232466, dated 13 April 2000
Page 153 of 218
WITN06650400
WITN06650400
Monthly Incident Review Reports to 2001, and thereafter in Monthly TIP Operation
Review Books. The most recent report of this type identified to date is dated
October 2002.46
Manual Error Reports
254. Pursuant to the ‘Data Errors & Not Data Errors — Contractual Definitions’ (with
internal reference CS/SER/017), Fujitsu was liable to pay liquidated damages in
respect of POL’s “costs in dealing with” MERs.*47
255. By clause 6 of the Third Supplemental Agreement, Fujitsu and POL agreed to
amend paragraph 3.6 of Schedule G01 of the Codified Agreement in the manner
set out in Schedule 5 to the Third Supplemental Agreement. In particular, this
amended the definition of Data Error and required Fujitsu to issue a MER to POL
in respect of any Data Error. The MER was required to describe the Data Error
and specify either (i) the line items in the relevant cash account requiring
replacement (in the case of a Data Error resulting in a Cash Account Error) or (ii)
the relevant Transaction record as it would have appeared but for the Data Error
(in the case where a Data Error was a Transaction Error). According to the ‘Data
Errors & Not Data Errors — Contractual Definitions’, Fujitsu was required to use all
reasonable endeavours to ensure that a MER was issued within five working days
of the occurrence or detection of a Data Error.*48 Fujitsu was also required to
346 FUJ00232521
47 FUJ00232525 (v 1.0 dated 20 December 2002)
348 FUJ00232525 (v 1.0 dated 20 December 2002)
Page 154 of 218
WITN06650400
WITN06650400
compensate POL “for its costs in dealing with’ MERs on a monthly basis, as
follows:
a. In relation to a Transaction Error, £150 if the error was discovered after
transmission of the relevant record to POL, or £100 if the error was
discovered before transmission;
b. £100 per MER relating to a Cash Account Error; and
c. £100 per MER relating to an Inaccurate Cash Account (Data Error).54°
256. To the extent a Data Error was corrected by Fujitsu within five working days of its
occurrence, no payment was required to be made by Fujitsu.%°°
257. From 31 August 2006, Fujitsu’s recording and reporting obligations were set out in
the ‘Reconciliation Service: Service Description’ (with internal reference
SVM/SDM/SD/0015).351
258. Under the HNG-X Agreements, Fujitsu was liable to pay liquidated damages to
POL in respect of MERs, as follows:
a. £100 per transaction which “can not [sic] be delivered to the POL FS System
by electronic means and has been discovered by the Reconciliation Service
before it was due to be sent to POL FS”; and
349 FUJ00232525 (v 1.0 dated 20 December 2002)
350 FUJ00232525 (v 1.0 dated 20 December 2002)
351 FUJ00079994 (v 1.0)
Page 155 of 218
WITN06650400
WITN06650400
b. £150 per transaction which “can not [sic] be subsequently re-delivered to the
POL FS System by electronic means following rejection by the POL FS
System” 352
259. Fujitsu was not liable to pay liquidated damages in respect of transactions that
were “lost due to events of Force Majeure, or error by Branch office staff’ °°? The
calculation of liquidated damages due to POL would be prepared by the
Reconciliation Service and forwarded to POL for agreement on a monthly basis.
According to the HNG-X Reconciliation Service Description, the purpose of
liquidated damages in respect of MERs was that “[POL] shail not be disadvantaged
by failures of [Fujitsu] to provide electronic transmission of Transaction information
to the POL FS System”.9°
260. As noted in paragraph 140 above, I understand that changes to the requirements
of the Reconciliation Service, including in relation to MERs, were agreed in 2016
and were put on a contractual footing by CCN 1747.356
Case Law Referrals
261. Case Law Referrals were a mechanism used by Fujitsu between 2000 and 2001
to escalate disputes regarding BIMs and/or MER compensation. In accordance
with the ‘Benefit Payment End to End Reconciliation Process for ICL Pathway
352 Reconciliation Service: Service Description, FUJ00079994, (v 1.0 dated 31 August 2006)
353 Reconciliation Service: Service Description, FUJ00079994, (v 1.0 dated 31 August 2006)
354 Reconciliation Service: Service Description, FUJO0079994, (v 1.0 dated 31 August 2006)
355 FUJ00079994 (v 1.0)
386 CCN 1747, FUJ00234946, dated 25 September 2023; Email chain from Dionne Harvey to Carol Dunford
copying Jason Muir, FUJ00232672, dated 15 November 2017; Email from Martin Cornell to Carol Dunford
copying Jason Muir, FUJ00232671, dated 22 December 2016
Page 156 of 218
WITN06650400
WITN06650400
Release NR2 —- Part 3 (Liability Assignment)’ (with internal reference
CS/PRD/036), Case Law Referrals were “introduced in order to provide a
comprehensive log of all reconciliation incident types which can act as the legal
precedent for any future incidents of an identical nature” 35”
262. Fujitsu has so far identified six Case Law Referrals which resulted in compensation
being paid by Fujitsu to POL, as set out below.
a. Case Law Referral 0001 was first raised on 25 February 2000 in relation to
“APS transactions incorrectly processed due to issue with barcode reader’
(BIMS reference 0002250287). *5* According to the Case Law Referral,
Fujitsu accepted liability for £3800, which POL disputed - under POL’s
calculations, Fujitsu was liable for £7,650. This dispute appears to have been
resolved, with compensation for the incident reflected in the March 2000 MER
figure, under a credit note for £5,400.959
b. Case Law Referral 0004 was first raised on 22 March 2000, in relation to
a “transaction for an unknown mode” (BIMS reference 0003221771,
0003290920).3°° Case Law Referral 0005 was also first raised on 22 March
2000 in relation to a “Receipts and Payments misbalance post migration”
(BIMS reference 003240681). °6' According to the Case Law Referrals,
Fujitsu did not accept any financial liability for either of the incidents. °°
387 FUJ00232432 (v 0.C [sic] dated 6 February 1999)
388 FUJ00232977
389 FUJ00232446
360 FUJ00232978
361 FUJ00232980
362 FUJ00232978; FUJ00232980
Page 157 of 218
WITN06650400
WITN06650400
Fujitsu’s position in relation to Case Law Referrals 0004 and 0005 was set
out in a letter from Colin Lenton-Smith (Commercial and Finance Director,
Fujitsu) to Keith Baines (Service Manager, POL) on 25 October 2001.5° In
particular, Mr Lenton-Smith stated that the incidents “set a precedent in their
uniqueness and cases of this kind have not been seen before’. Fujitsu
proposed to share liability for the incidents with POL “on a 50/50 basis, with
a payment of £9,075.00 being made by [Fujitsu]”. Mike Hannon (Horizon
Commercial and Contract Team Leader, POL) responded to Mr Lenton-
Smith’s letter on 16 July 2002, and stated that POL “believe[s] that [Fujitsu]
have not been strictly following the agreed process for TIP interface, and
therefore if this had been adopted there [sic] would not have occurred, in
these instances we consider [Fujitsu] should bear the whole of the costs”.°®4
Mr Lenton-Smith responded on 13 September 2002, that “/ just do not
understand how the TIP interface process would have prevented these
instances from occurring as you suggest. At this time, Fujitsu... is still
prepared to offer a payment of £9,075 in respect of [Case Law Referrals 0004
and 0005]”.5®° According to an email from Claire Wadeson (Finance Team,
Fujitsu) to John Moran (CS MSU Manager, Fujitsu) copying Mr Lenton-Smith,
dated 20 May 2003, Case Law Referrals 0004 and 0005 were settled for
£9,075, paid in the form of Credit Note 0301244366
363 FUJ00232482
364 FUJ00232974
365 FUJ00232508
366 FUJ00232535; FUJ00232536; See also: Spreadsheet titled “Commercial Forum Mar”, FUJ00232532,
dated 24 March 2003; Letter from C. Lenton Smith to M. Hannon with subject “Without Prejudice - Re BIMS
Incidents’, FUJ00232508, dated 13 September 2002
Page 158 of 218
WITN06650400
WITN06650400
c. Case Law Referral 0007 was first raised on 8 November 1999 in relation to
duplicated and missing AP transactions.°*” The Case Law Referral stated
that Fujitsu and POL agreed that any commercial settlement should “be made
only for the face value of the transaction that is deemed non recoverable".
This was stated in Mr Lenton-Smith’s letter of 25 October 2001 to be
£5,156.60 but “should the value be subsequently recovered by [POL] from
the client, then this would be refunded to [Fujitsu]”.°6° According to Mr
Hannon’s letter dated 16 July 2002, POL accepted Fujitsu's “proposal to pay
£5,160 (the [sic] transaction face value of the incidents)” but did not agree to
refund Fujitsu should POL subsequently recover the value from elsewhere.
This was because “we believe [Fujitsu] [sic] responsibilities include the
reconciliation of errors, the failure to do so has caused additional
administrative problems for POL, therefore if any amounts were recovered
from clients these would be retained by POL to defray these additional
costs” .56° Agreement appears to have been reached and settlement was paid
by Fujitsu in the form of Credit Note 0209118,%”° along with Case Law
Referral 0008.37"
d. Case Law Referral 0008 was first raised on 8 February 2001 in relation to
lost transactions at the Cricceth branch (FAD 164606) when its base unit was
367 FUJ00232981
368 FUJ00232482
369 FUJ00232974
370 Letter from C. Lenton-Smith to M. Hannon, FUJ00232508, dated 13 September 2002; Email chain from
C. Wadeson to J. Moran copying Colin Lenton-Smith FUJ00232536, dated 20 May 2003
371 Letter from C. Lenton-Smith to M. Hannon, FUJ00232508, dated 13 September 2002; Email chain from
C. Wadeson to J. Moran copying Colin Lenton-Smith, FUJ00232536, dated 20 May 2003; Letter from M.
Hannon to C. Lenton-Smith FUJ00232974, dated 16 July 2002
Page 159 of 218
WITN06650400
WITN06650400
swapped out (BIMS reference BE/0102081734). %’2 It appears from
correspondence between Mr Lenton-Smith and Mr Hannon that Fujitsu
proposed to pay £4,402.03 in relation to this incident. This was paid in the
form of Credit Note 02091 18,°73 along with Case Law Referral 0007.34
e. Case Law Referral 0009 was first raised on 8 November 2001 in relation to
an OBCS encashment failure which resulted in postmasters being unable to
scan or manually input pension books into Horizon between 06:00 and 11:15
am (the “Pension Book OBCS Failure”).°”° The ‘Pension Book MBCI (8*
November 2001) Report’ provides a summary of the incident, the applicable
related issues, and Fujitsu's actions to prevent a recurrence.%’° It appears
from correspondence between Fujitsu and POL that agreement regarding
financial compensation for the Pension Book OBCS Failure was not reached
until early 2003.97? In particular:
(i) In a letter dated 14 December 2001 from Mr Baines to Mr Lenton-
Smith, POL’s determination of the loss for which Fujitsu was liable
was stated to be £22,236.36 (comprising of lost income of £5,867.11
and additional NBSC costs of £16,369.25), in addition to any
372 FUJ00232979
373 FUJ00232535
374 Email chain from C. Wadeson to J. Moran copying Colin Lenton-Smith, FUJ00232535, dated 20 May
2003; Letter from C. Lenton-Smith to M. Hannon, FUJ00232508, dated 13 September 2002;
Letter from M. Hannon to C. Lenton-Smith FUJ00232974, dated 16 July 2002
375 FY J00232982; FUJ00232976; See also, Letter from Colin Lenton-Smith to Keith Baines, FUJ00232490,
dated 18 January 2002
376 FUJ00139175 (v 1.0 dated 16 November 2001)
377 Email chain from Colin Lenton-Smith to Richard Brunskill, FUJ00232528, dated 7 February 2003; Credit
memo no. 8001005, FUJ00232534, dated 30 April 2003
Page 160 of 218
WITN06650400
WITN06650400
liquidated damages payable in connection with failure to meet
Service Levels during the incident period.3’8
(ii) I On 19 December 2001, Martin Riddell (Service Delivery Director,
Fujitsu) shared a copy of the ‘Pension Book MBCI (8 November
2001) Report’ with Mr Lenton-Smith, adding “[a]s you can see from
the report there were some issues in the time it took for [POL] to carry
out [appropriate] agreed actions such as updating the IVR and then
the issues around the suitability of the IVR. We obviously need to
understand from Keith [Baines] the origin of the additional costs”.3’°
(iii) I On 18 January 2002, Mr Lenton-Smith responded to Mr Baines’ letter,
noting that POL and Fujitsu agreed at the December 2001 Service
Review Forum that the Pension Book OBCS Failure be handled as a
Case Law Referral and enclosing a copy of Case Law Referral
0009.%8° On 4 February 2002, an update appears to have been added
by Fujitsu to the Case Law Referral, noting that further detail had
been sought relating to POL’s liability calculation.°*'
(iv) On 6 February 2003, Mr Lenton-Smith emailed Richard Brunskill
(Infrastructure Services Manager, Fujitsu) regarding ‘OBCS Failure’,
seeking an update on “our dispute of the £20,524.13 that [POL] are
378 FUJ00232483
378 FUJ00232484; FUJ00232485
380 FUJ00232490
381 FUJ00232982
Page 161 of 218
WITN06650400
WITN06650400
claiming” .*®2 Mr Brunskill replied that he was “still trying to get a
sensible answer out of [POL]", and Mr Lenton-Smith asked for an
update by 18 February 2003, in advance of the next Commercial
Forum.%83
(v) I Minutes of the Commercial Forum meeting held on 19 February 2003
record as an action item, “[POL] will respond to Fujitsu regarding the
outstanding OBCS compensation claim” .°*4 On 28 February 2003, Mr
Baines wrote to Mr Lenton-Smith proposing to accept £14,657.02 as
settlement in respect of the Pension Book OBCS Failure.** Credit
Note 8001005 for this amount appears to have been issued by Fujitsu
in respect of the Pension Book OBCS Failure in or around April
2003.386
Statement of Truth
I believe the content of this statement to be true.
Dated: 8 August 2024
382 FUJ00232527; FUJ00232528
383 FUJ00232528
384 FUJ00232530
385 FUJ00232533; FUJ00232983
386 FUJ00232534 dated 30 April 2003
Page 162 of 218
WITN06650400
WITN06650400
INDEX TO THE FOURTH CORPORATE STATEMENT OF
FUJITSU SERVICES LIMITED
Exhibit I Document description Control No. URN
no.
BACKGROUND TO FUJITSU’S CONTRACTUAL OBLIGATIONS
1. First Corporate Statement of Fujitsu WITN06650100 I WITNO6650100
Services Limited dated 28 September 2022
2. Information Technology Services POL00028181
Agreement for Bringing Technology to Post
Offices and Benefits Payments dated 15
May 1996
3. CCN No. 1100 dated 31 December 2002 POINQ0007070F I FUJ00000899
4. Codified Agreement dated 28 July 1999 POINQ0006242F I FUJ00000071
5. Varied and Restated Agreement v 1.0 dated I POINQ0006245F I FUJ00000074
31 December 2002
6. Varied and Restated Agreement v 2.0 dated I POINQ0006258F I FUJ00000087
6 August 2003
7. Varied and Restated Agreement v 3.0 dated I POINQ0006250F I FUJ00000079
5 November 2003
8. Varied and Restated Agreement v 4.0 dated I POINQ0006251F I FUJ00000080
26 August 2004
9. Varied and Restated Agreement v 5.0 dated I POINQ0006252F I FUJ00000081
5 July 2005
10. Varied and Restated Agreement v 6.0 dated I POINQ0006253F I FUJ00000082
30 November 2005
11. Varied and Restated Agreement v 7.0 dated I POINQ0006254F I FUJ00000083
15 August 2006
12. CCN No. 1200 dated 23 August 2006 POINQ0007143F I FUJ00000972
13. HNG-X Agreement v 1.0 dated 31 August POINQO0006255F I FUJ00000084
2006
14. HNG-X Agreement v 2.0 dated 24 January POINQ0006256F I FUJ00000085
2007
15. HNG-X Agreement v 4.0 dated 14 April POINQ0006246F I FUJ00000075
2008
16. HNG-X Agreement v 3.0 dated 6 July 2007 POINQ0006257F FUJ00000086
17. HNG-X Agreement v 5.0 dated 23 February I POINQ0006247F I FUJ00000076
2009
18. HNG-X Agreement v 6.0 dated 7 July 2009 POINQ0006248F I FUJ00000077
19. HNG-X Agreement v 7.0 dated 10 May POINQ0006249F FUJ00000078
2010
20. HNG-X Agreement v 8.0 dated 21 February I POINQ0006239F I FUJ00000068
2012
21. HNG-X Agreement v 9.0 dated 13 January POINQ0006240F I FUJ00000069
2014
22. HNG-X Agreement v 10.0 dated 10 POINQ0006241F I FUJ00000070
September 2015
Page 163 of 218
WITN06650400
WITN06650400
Exhibit I Document description Control No. URN
no.
23. HNG-X Agreement v 11.0 dated 31 March POINQ0006243F I FUJ00000072
2016
24. HNG-X Agreement v 12.0 dated 3 July 2017 I POINQ0006244F I FUJ00000073
25. HNG-X Agreement v 13.0 dated 23 VIS00007370 FUJ00000003
November 2020
26. HNG-X Agreement v 14.0 dated 20 POINQ0240929F I FUJ00234786
December 2021
27. HNG-X Agreement v 15.0 (clauses) dated 6 I POINQ0241022F I FUJ00234905
May 2024
28. HNG-X Agreement v 15.0 (Schedule 1) POINQ0241023F I FUJ00234906
dated 6 May 2024
29. HNG-X Agreement v 15.0 (Schedule A1) POINQ0241024F I FUJ00234907
dated 6 May 2024
30. HNG-X Agreement v 15.0 (Schedule A2) POINQ0241025F I FUJ00234908
dated 6 May 2024
31. HNG-X Agreement v 15.0 (Schedule A3) POINQ0241026F I FUJ00234909
dated 6 May 2024
32. HNG-X Agreement v 15.0 (Schedule A4) POINQ0241027F FUJ00234910
dated 6 May 2024
33. HNG-X Agreement v 15.0 (Schedule A5) POINQ0241028F I FUJ00234911
dated 6 May 2024
34. HNG-X Agreement v 15.0 (Schedule B1.1) I POINQ0241029F I FUJ00234912
dated 6 May 2024
35. HNG-X Agreement v 15.0 (Schedule B1.2) POINQ0241030F I FUJ00234913
dated 6 May 2024
36. HNG-X Agreement v 15.0 (Schedule B1.3) I POINQ0241031F I FUJ00234914
dated 6 May 2024
37. HNG-X Agreement v 15.0 (Schedule B2) POINQ0241032F FUJ00234915
dated 6 May 2024
38. HNG-X Agreement v 15.0 (Schedule B3.1) I POINQ0241033F I FUJ00234916
dated 6 May 2024
39. HNG-X Agreement v 15.0 (Schedule B3.2) POINQ0241034F FUJ00234917
dated 6 May 2024
40. HNG-X Agreement v 15.0 (Schedule B3.3) I POINQ0241035F I FUJ00234918
dated 6 May 2024
41. HNG-X Agreement v 15.0 (Schedule B3.4) I POINQ0241036F I FUJ00234919
dated 6 May 2024
42. HNG-X Agreement v 15.0 (Schedule B4.1) I POINQ0241037F I FUJ00234920
dated 6 May 2024
43. HNG-X Agreement v 15.0 (Schedule B6.1) I POINQ0241038F I FUJ00234921
dated 6 May 2024
44, HNG-X Agreement v 15.0 (Schedule B6.2) I POINQ0241039F I FUJ00234922
dated 6 May 2024
45. HNG-X Agreement v 15.0 (Schedule B6.3) I POINQ0241040F I FUJ00234923
dated 6 May 2024
46. HNG-X Agreement v 15.0 (Schedule C1) POINQ0241041F I FUJ00234924
dated 6 May 2024
Page 164 of 218
WITN06650400
WITN06650400
Exhibit I Document description Control No. URN
no.
47. HNG-X Agreement v 15.0 (Schedule C2) POINQ0241042F I FUJ00234925
dated 6 May 2024
48. HNG-X Agreement v 15.0 (Schedule C3) POINQ0241043F I FUJ00234926
dated 6 May 2024
49. HNG-X Agreement v 15.0 (Schedule D1) POINQ0241044F I FUJ00234927
dated 6 May 2024
50. HNG-X Agreement v 15.0 (Schedule D2) POINQ0241045F I FUJ00234928
dated 6 May 2024
51. HNG-X Agreement v 15.0 (Schedule D3) POINQ0241046F I FUJ00234929
dated 6 May 2024
52. HNG-X Agreement v 15.0 (Schedule D4) POINQ0241047F I FUJ00234930
dated 6 May 2024
53. HNG-X Agreement v 15.0 (Schedule D5) POINQ0241048F I FUJ00234931
dated 6 May 2024
54. HNG-X Agreement v 15.0 (Schedule D6) POINQ0241049F I FUJ00234932
dated 6 May 2024
55. HNG-X Agreement v 15.0 (Schedule D7) POINQ0241050F I FUJ00234933
dated 6 May 2024
56. HNG-X Agreement v 15.0 (Schedule D8) POINQ0241051F I FUJ00234934
dated 6 May 2024
57. HNG-X Agreement v 15.0 (Schedule E) POINQ0241052F FUJ00234935
dated 6 May 2024
58. HNG-X Agreement v 15.0 (Schedule F) POINQ0241053F I FUJ00234936
dated 6 May 2024
59. HNG-X Agreement v 15.0 (Schedule G) POINQ0241054F FUJ00234937
dated 6 May 2024
60. HNG-X Agreement v 15.0 (Schedule !) POINQ0241055F I FUJ00234938
dated 6 May 2024
61. HNG-X Agreement v 15.0 (Schedule 12) POINQ0241056F I FUJ00234939
dated 6 May 2024
62. HNG-X Agreement v 15.0 (Schedule 13) POINQ0241057F FUJ00234940
dated 6 May 2024
63. HNG-X Agreement v 15.0 (Schedule 14) POINQ0241058F I FUJ00234941
dated 6 May 2024
64. HNG-X Agreement v 15.0 (Schedule 15) POINQ0241059F FUJ00234942
dated 6 May 2024
65. HNG-X Agreement v 15.0 (Schedule 16) POINQ0241060F I FUJ00234943
dated 6 May 2024
66. HNG-X Agreement v 15.0 (Schedule J) POINQ0241061F I FUJ00234944
dated 6 May 2024
67. CCN No. 1600 dated 22 February 2016 POINQ0007303F I FUJ00001132
68. CCN No. 1604b dated 8 June 2016 POINQ0007307F I FUJ00001136
THE INCIDENT MANAGEMENT OBLIGATIONS
69. Release Note for CSR+ v 1.0 dated 24 POINQO085655F I FUJ00079484
October 2000
70. CCN No. 562 dated 24 September 1999 POINQ0006667F FUJ00000496
Page 165 of 218
WITN06650400
WITN06650400
Exhibit
no.
Document description Control No. URN
OPERATIONAL SERVICES RELATING TO THE INCIDENT MANAGEMENT
OBLIGATIONS
71. Branch Network: Service Description v 1.0 POINQ0086167F I FUJ00079996
dated 31 August 2006
72. Branch Network Service Description v 2.0 POINQ0086194F I FUJ00080023
dated 28 February 2007
73. Branch Network Service Description v 3.0 POINQ0086245F I FUJ00080074
dated 10 June 2009
74, Branch Network Service Description v 4.0 POINQ0086258F I FUJ00080087
dated 4 March 2010
75. Branch Network Service Description v 5.0 POINQ0086423F I FUJ00080252
dated 25 November 2013
76. Branch Network Service Description v 6.0 POINQO086465F I FUJ00080294
dated 9 May 2014
77. Branch Network Service Description v 7.0 POINQO086555F I FUJ00080384
dated 24 July 2017
78. Branch Network Service Description v 8.0 POINQ0086571F I FUJ00080400
dated 5 March 2018
79. Central Network Service: Service POINQ0008199F I FUJ00002028
Description v 1.0 dated 31 August 2006
80. Central Network Service: Service POINQ0238752F I FUJ00232609
Description v 2.0 dated 26 May 2009
81. Central Network Service: Service POINQ0008289F I FUJ00002118
Description v 3.0 dated 21 January 2010
82. Central Network Service: Service POINQ0238796F I FUJ00232653
Description v 4.0 dated 16 December 2013
83. Central Network Service: Service POINQ0008739F I FUJ00002568
Description v 5.0 dated 13 February 2014
84. Central Network Service: Service POINQ0008745F I FUJ00002574
Description v 6.0 dated 14 May 2014
85. Central Network Service: Service POINQ0009323F I FUJ00003152
Description v 7.0 dated 30 November 2016
86. Central Network Service: Service POINQ0009425F I FUJ00003254
Description v 8.0 dated 15 September 2017
87. Central Network Service: Service POINQ0009502F I FUJ00003331
Description v 9.0 dated 10 May 2018
88. Central Network Service: Service POINQ0009631F I FUJ00003460
Description v 10.0 dated 4 February 2021
89. Central Network Service: Service POINQ0009643F I FUJ00003472
Description v 11.0 dated 14 October 2021
90. Central Network Service: Service POINQ0241117F I FUJ00235000
Description v 12.0 dated 29 June 2023
91. Central Network Service: Service POINQ0241118F I FUJ00235001
Description v 13.0 dated 3 May 2024
92. CCN No. 1409a dated 5 March 2014 POINQ0007275F I FUJ00001104
93. ICL Pathway Core System Release POINQ0068389F I FUJ00078801
Contents Description v 1.0 dated 25 June
1999
Page 166 of 218
WITN06650400
WITN06650400
Exhibit
no.
Document description
Control No.
URN
94.
CCN No. 441b dated 4 October 1999
POINQ0006578F
FUJ00000407
95.
ICL Pathway/Post Office Counters Limited
Interface Agreement for the Network
Business Support Centre and Horizon
System Helpdesk v 1.0 dated 25 February
2000
POINQ0086576F
FUJ00080405
96.
CSR+ Horizon System Helpdesk Processes
and Procedures Description v 1.0 dated 11
February 2000
POINQ0086574F
FUJ00080403
97.
CSR+ Horizon System Helpdesk Processes
and Procedures Description v 2.0 dated 12
September 2000
POINQ0086578F
FUJ00080407
98.
CSR+ Horizon Systems Helpdesk
Processes and Procedures Description v
3.0 dated 12 December 2000
POINQ0007669F
FUJ00001498
99.
CSR+ Horizon Systems Helpdesk
Processes and Procedures Description v
4.0 dated 20 September 2001
POINQ0007750F
FUJ00001579
100.
CSR+ Horizon Systems Helpdesk
Processes and Procedures Description v
5.0 dated 25 March 2003
POINQ0007932F
FUJ00001761
101.
CCN No. 1016a dated 29 October 2002
POINQ0007046F
FUJ00000875
102.
CCN No. 777b dated 19 July 2001
POINQ0006855F
FUJ00000684
103.
Proposal to Post Office Limited for
Extension of the Horizon Contract dated 18
September 2002
POINQ0238653F
FUJ00232510
104.
Fujitsu Services /Post Office Ltd Interface
Agreement for the Post Office Ltd Network
Business Support Centre and Horizon
System Helpdesk Interface v 4.0 dated 1
July 2003
POINQ0086615F
FUJ00080444
105.
Service Desk: Service Description v 1.0
dated 31 August 2006
POINQ0086628F
FUJ00080457
106.
Service Desk: Service Description v 2.0
dated 29 September 2008
POINQ0086642F
FUJ00080471
107.
Service Desk: Service Description v 3.0
dated 20 August 2010
POINQ0086646F
FUJ00080475
108.
Service Desk: Service Description v 4.0
dated 16 September 2010
POINQ0086648F
FUJ00080477
109.
Service Desk: Service Description v 5.0
dated 29 April 2013
POINQ0086654F
FUJ00080483
110.
Service Desk: Service Description v 6.0
dated 12 March 2014
POINQO086655F
FUJ00080484
111.
CCN No. 1409 dated 5 March 2014
POINQ0238811F
FUJ00232668
112.
Engineer Service: Service Description v 2.0
dated 15 May 2003
POINQ0007973F
FUJ00001802
Page 167 of 218
WITN06650400
WITN06650400
Exhibit I Document description Control No. URN
no.
113. Engineering Service: Service Description v POINQ0008716F I FUJ00002545
6.0 dated 29 October 2013
114. ICL Pathway Re-plan Proposal v 2.2 dated POL00028185
18 March 1997
115. CCN No. 1423c dated 18 August 2015 POINQ0007287F I FUJ00001116
116. Second Corporate Statement of Fujitsu FUJ00126035 FUJ00126035
Services Limited dated 29 December 2022
117. Engineer Service: Service Description v 1.0 I POINQ0007903F I FUJ00001732
dated 19 December 2002
118. Engineering Service: Service Description v POINQ0008192F I FUJ00002021
1.0 dated 31 August 2006
119. Engineering Service: Service Description v POINQ0008212F I FUJ00002041
2.0 dated 28 February 2007
120. Engineering Service: Service Description v POINQ0086236F I FUJ00080065
2.2 dated 21 November 2008
121. Engineering Service: Service Description v POINQ0008251F I FUJ00002080
3.0 dated 25 November 2008
122. Engineering Service: Service Description v POINQ0086290F I FUJ00080119
3.1 dated 21 July 2010
123. Engineering Service: Service Description v POINQ0008448F I FUJ00002277
4.0 dated 26 November 2010
124. Engineering Service: Service Description v POINQ0008616F I FUJ00002445
5.0 dated 3 July 2012
125. Service Description for Third Line Software I POINQO007906F I FUJ00001735
Support Service v 1.0 dated 19 December
2002
126. Third Line Support Service: Service POINQ0008194F I FUJ00002023
Description v 1.0 dated 31 August 2006
127. Third Line Support Service: Service POINQ0008252F I FUJ00002081
Description v 2.0 dated 4 September 2008
128. Horizon Online 3rd Line Application Support I POINQ0008404F I FUJ00002233
Service: Service Description v 3.0 dated 9
August 2010
129. Horizon Online 3rd Line Application Support I POINQ0008624F I FUJ00002453
Service: Service Description v 4.0 dated 18
February 2013
130. Horizon Online 3rd Line Application Support I POINQ0008645F I FUJ00002474
Service: Service Description v 5.0 dated 24
May 2013
131. Horizon Online 3rd Line Application Support I POINQ0009642F I FUJ00003471
Service: Service Description v 6.0 dated 6
October 2021
132. Horizon Online 3rd Line Application Support I POINQ0241113F I FUJ00234996
Service: Service Description v 7.0 dated 12
March 2024
133. End to End Support Process, Operational POINQ0126186F I FUJ00119994
Level Agreement v 1.0 dated 10 October
1999
Page 168 of 218
WITN06650400
WITN06650400
Exhibit
no.
Document description
Control No.
URN
134.
Application Support Service (Fourth Line):
Service Description v 1.0 dated 24 August
2006
POINQ0086168F
FUJ00079997
135.
Application Support Service (Fourth Line):
Service Description v 2.0 dated 4
September 2008
POINQ0086238F
FUJ00080067
136.
Application Support Service (Fourth Line):
Service Description v 3.0 dated 29 October
2009
POINQ0126665F
FUJ00120473
137.
Application Support Service (Fourth Line):
Service Description v 4.0 dated 24 August
2010
POINQ0086296F
FUJ00080125
138.
Application Support Service (Fourth Line):
Service Description v 5.0 dated 13
September 2013
POINQ0086406F
FUJ00080235
139.
Application Support Service (Fourth Line):
Service Description v 6.0 dated 13 March
2014
POINQ0008741F
FUJ00002570
140.
Application Support Service (Fourth Line):
Service Description v 7.0 dated 29
November 2016
POINQO086550F
FUJ00080379
141.
Application Support Service (Fourth Line):
Service Description v 8.0 dated 22
November 2021
POINQ0009646F
FUJ00003475
142.
Application Support Service (Fourth Line):
Service Description v 9.0 dated 5 April 2024
POINQ0241114F
FUJ00234997
143.
Witness Statement of Liz Evans-Jones
dated 12 February 2023
WITN06680100
144,
Document titled "Fujitsu Services Royal Mail
Group Account: Service Review Book" v 1.0
dated 15 January 2008
POINQ0158475F
FUJ00152281
145.
Service Management Service; Service
Description v 1.0 dated 31 December 2002
POINQ0126636F
FUJ00120444
146.
Fujitsu Services / Post Office Limited
Interface Agreement for the Problem
Management Interface v 1.0 dated 23
December 2002
POINQ0086057F
FUJ00079886
147.
Service Management: Service Description v
1.0 dated 24 August 2006
POINQ0008196F
FUJ00002025
148.
Service Management Service: Service
Description v 2.0 dated 5 November 2010
POINQ0008440F
FUJ00002269
149.
Service Management Service: Service
Description v 3.0 dated 19 September 2013
POINQ0008682F
FUJ00002511
150.
Service Management Service: Service
Description v 4.0 dated 21 November 2013
POINQ0008722F
FUJ00002551
151.
Service Management Service: Service
Description v 5.0 dated 30 November 2016
POINQ0009322F
FUJ00003151
Page 169 of 218
WITN06650400
WITN06650400
Exhibit I Document description Control No. URN
no.
152. Service Management Service: Service POINQ0009612F I FUJ00003441
Description v 6.0 dated 17 January 2020
153. Service Management Service: Service POINQO009645F I FUJ00003474
Description v 7.0 dated 8 November 2021
154. Service Management Service: Service POINQ0241116F I FUJ00234999
Description v 8.0 dated 13 December 2023
155. Service Description for Systems. POINQO007905F I FUJ00001734
Management Service v 1.0 dated 18
December 2002
156. Systems Management Service: Service POINQ0008195F I FUJ00002024
Description v 1.0 dated 31 August 2006
157. Systems Management Service: Service POINQ0008272F I FUJ00002101
Description v 2.0 dated 26 August 2009
158. Systems Management Service: Service POINQ0008711F I FUJ00002540
Description v 3.0 dated 17 October 2013
159. Systems Management Service: Service POINQ0008744F I FUJ00002573
Description v 4.0 dated 16 April 2014
160. Systems Management Service: Service POINQ0009205F I FUJ00003034
Description v 5.0 dated 12 November 2015
161. Systems Management Service: Service POINQ0009418F I FUJ00003247
Description v 6.0 dated 20 July 2017
162. Systems Management Service: Service POINQ0238890F I FUJ00232747
Description v 7.0 dated 28 September 2021
163. Systems Management Service: Service POINQ0241115F I FUJ00234998
Description v 8.0 dated 14 March 2024
164. Integration Testing Business Thread BITO2 POINQ0238558F I FUJ00232415
for Release 1c v 1.0 dated 1 July 1997
165. CCN No. 0016 dated 28 October 1996 POINQ0238557F I FUJ00232414
166. MIS Report Production and Scheduling v POINQ0238569F I FUJ00232426
1.0 dated 21 October 1997
167. MIS Report Despatch Procedure v 1.0 POINQ0238612F I FUJ00232469
dated 21 October 1997
168. Management Information Service: Service POINQ0126671F I FUJ00120479
Description v 1.0 dated 20 December 2002
169. Management Information Service: Service POINQ0008081F I FUJ00001910
Description v 2.0 dated 18 November 2004
170. Management Information Service: Service POINQ0008136F I FUJ00001965
Description v 3.0 dated 8 July 2005
171. Network Banking MIS Report Design v 2.0 POINQ0238645F I FUJ00232502
dated 12 July 2002
172. Network Banking MIS Report Design v 3.0 POINQ0238700F I FUJ00232557
dated 13 December 2004
173. Management Information Service: Service POINQ0126672F I FUJ00120480
Description v 1.0 dated 31 August 2006
174. Management Information Service: Service POINQ0008232F I FUJ00002061
Description v 2.0 dated 20 February 2008
175. Management Information Service: Service POINQ0238760F I FUJ00232617
Description v 3.0 dated 9 February 2010
Page 170 of 218
WITN06650400
WITN06650400
Exhibit I Document description Control No. URN
no.
176. CCN No. 1648b v 2.0 dated 3 June 2013 POINQ0241062F I FUJ00234945
177. Management Information Service: Service POINQ0008447F I FUJ00002276
Description v 4.0 dated 24 November 2010
178. Management Information Service: Service POINQ0008717F I FUJ00002546
Description v 5.0 dated 5 November 2013
179. Management Information Service: Service POINQ0238964F I FUJ00232821
Description v 6.0 dated 7 January 2022
180. Transaction Benchmark Service: Service POINQ0238669F I FUJ00232526
Description v 1.0 dated 31 December 2002
181. Transaction Benchmark Service: Service POINQ0238684F I FUJ00232541
Description v 2.0 dated 2 July 2004
182. Transaction Time Benchmarking Process v POINQ0238753F I FUJ00232610
1.0 dated 17 July 2009
183. TPS Reconciliation & Incident Management I POINQ0085993F I FUJ00079822
v 1.0 dated 16 October 2000
184. TPS Reconciliation & Incident Management I POINQ0007897F I FUJ00001726
v 4.0 dated 19 December 2002
185. Network Banking Reconciliation & Incident POINQ0126659F FUJ00120467
Management v 2.0 dated 22 January 2002
186. Network Banking Reconciliation & Incident POINQ0007796F I FUJ00001625
Management v 3.0 dated 10 May 2002
187. Network Banking Reconciliation & Incident POINQ0126660F I FUJ00120468
Management v 5.0 dated 19 December
2002
188. On Line Services Reconciliation & Incident POINQ0008141F I FUJ00001970
Management v 6.0 dated 17 October 2005
189. TPS Reconciliation & Incident Management I POINQ0007798F I FUJ00001627
v 2.0 dated 30 April 2002
190. TPS Reconciliation & Incident Management I POINQ0008138F I FUJ00001967
v 5.0 dated 17 October 2005
191. APS Reconciliation & Incident Management I POINQ0007738F I FUJ00001567
v 1.0 dated 2 July 2001
192. APS Reconciliation & Incident Management I POINQOO86056F I FUJ00079885
v 3.0 dated 19 December 2002
193. APS Reconciliation & Incident Management I POINQ0008139F I FUJ00001968
v 4.0 dated 17 October 2005
194. Data Errors & Not Data Errors - Contractual I POINQ0007909F I FUJ00001738
Definitions v 1.0 dated 20 December 2002
195. Network Banking Data Reconciliation POINQ0008092F I FUJ00001921
Service v 2.0 dated 11 January 2005
196. On Line Services Data Reconciliation POINQ0008140F I FUJ00001969
Service v 3.0 dated 17 October 2005
197. On Line Services Reconciliation & Incident POINQ0126661F I FUJ00120469
Management v 6.0 dated 17 October 2005
198. Reconciliation Service: Service Description POINQ0086165F I FUJ00079994
v 1.0 dated 31 August 2006
199. Reconciliation Service: Service Description POINQ0086244F I FUJ00080073
v 2.0 dated 14 July 2009
Page 171 of 218
WITN06650400
WITN06650400
Exhibit I Document description Control No. URN
no.
200. Reconciliation Service: Service Description POINQ0086367F I FUJ00080196
v 3.0 dated 1 December 2010
201. Reconciliation Service: Service Description POINQ0086425F I FUJ00080254
v 4.0 dated 3 December 2013
202. Reconciliation Service: Service Description POINQ0009611F I FUJ00003440
v 5.0 dated 3 December 2019
203. Reconciliation Service: Service Description POINQO0009620F I FUJ00003449
v 6.0 dated 3 June 2020
204. Reconciliation Service: Service Description POINQ0238995F I FUJ00232852
v 7.0 dated 7 June 2022
205. Reconciliation Service: Service Description POINQ0241119F I FUJ00235002
v 8.0 dated 12 February 2024
SUMMARY OF MEASURES RELATING TO INCIDENT MANAGEMENT
206. CCN No. 1747 dated 25 January 2024 POINQ0241063F I FUJ00234946
207. Email chain from D. Harvey to C. Dunford POINQ0238815F I FUJ00232672
copying J. Muir and Post Office Account
Commercial Mailbox with subject
"Reconciliation Service obligation" dated 15
November 2017
208. Email from M. Cornell to C. Dunford copying I POINQ0238814F I FUJ00232671
J. Muir with subject "MER (Manual Error
Report) Qtly Credit" dated 22 December
2016
209. POA Improvement Log v 0.14 dated 9 May I POINQ0241136F I FUJ00235019
2024
210. POA Improvements Log v 0.11 dated 4 POINQ0239138F I FUJ00232995
September 2023
211. POA Improvements List v 1.1 dated 20 July I POINQ0238863F FUJ00232720
2021
212. POA Improvements List v 1.1 dated 6 POINQ0238867F I FUJ00232724
August 2021
213. POA Improvements List v 1.2 dated 25 POINQ0238872F I FUJ00232729
August 2021
214. POA Improvements List v 1.2 dated 26 POINQ0238873F I FUJ00232730
August 2021
215. POA Improvements List v 1.2 dated 27 POINQ0238876F I FUJ00232733
August 2021
216. POA Improvements List v 1.1 dated 27 POINQ0238874F I FUJ00232731
August 2021
217. POA Improvements List v 1.2 dated 27 POINQ0238877F I FUJ00232734
August 2021
218. POA Improvements List v 1.2 dated 31 POINQ0238879F I FUJ00232736
August 2021
219. POA Improvements List v 1.2 dated 1 POINQ0238880F I FUJ00232737
September 2021
220. POA Improvements List v 1.2 dated 6 POINQ0238881F I FUJ00232738
September 2021
Page 172 of 218
WITN06650400
WITN06650400
Exhibit I Document description Control No. URN
no.
221. POA Improvements List v 1.2 dated 9 POINQ0238882F I FUJ00232739
September 2021
222. POA Improvements List v 1.2 dated 16 POINQ0238884F I FUJ00232741
September 2021
223. POA Improvements List v 1.2 dated 17 POINQ0238885F I FUJ00232742
September 2021
224. POA Improvements List v 1.2 dated 23 POINQ0238887F I FUJ00232744
September 2021
225. POA Improvements List v 1.2 dated 30 POINQ0238891F I FUJ00232748
September 2021
226. POA Improvements List v 1.2 dated 4 POINQ0238892F I FUJ00232749
October 2021
227. POA Improvements List v 1.2 dated 7 POINQ0238893F I FUJ00232750
October 2021
228. POA Improvements List v 1.2 dated 13 POINQ0238894F I FUJ00232751
October 2021
229. POA Improvements List v 1.2 dated 19 POINQ0238895F I FUJ00232752
October 2021
230. POA Improvements List v 1.2 dated 25 POINQ0238897F I FUJ00232754
October 2021
231. POA Improvements List v 1.2 dated 3 POINQ0238898F FUJ00232755
November 2021
232. POA Improvements List v 1.2 dated 4 POINQ0238899F I FUJ00232756
November 2021
233. POA Improvements List v 1.2 dated 12 POINQ0238900F FUJ00232757
November 2021
234. POA Improvements List v 1.2 dated 16 POINQ0238901F I FUJ00232758
November 2021
235. POA Improvements List v 1.2 dated 17 POINQ0238902F I FUJ00232759
November 2021
236. POA Improvements List v 1.2 dated 18 POINQ0238903F FUJ00232760
November 2021
237. POA Improvements List v 1.2 dated 29 POINQ0238904F I FUJ00232761
November 2021
238. POA Improvements List v 1.2 dated 2 POINQ0238916F FUJ00232773
December 2021
239. POA Improvements List v 1.2 dated 9 POINQ0238928F I FUJ00232785
December 2021
240. POA Improvements List v 1.2 dated 5 POINQ0238947F I FUJ00232804
January 2022
241. ICL Pathway Customer Service Policy POINQ0086026F I FUJ00079855
Manual v 1.0 dated 26 January 2001
242. Fujitsu POA Customer Service Policy POINQ0086145F I FUJ00079974
Manual v 2.0 dated 14 September 2005
243. ICL Pathway Customer Service Process POINQ0086037F I FUJ00079866
Manual v 1.0 dated 16 August 2001
Page 173 of 218
WITN06650400
WITN06650400
Exhibit
no.
Document description
Control No.
URN
244.
POA Customer Service Incident
Management Process Details v 3.0 dated
23 March 2005
POINQ0086110F
FUJ00079939
245.
Incident Management Process v 1.0 dated
13 November 2000
POINQ0086036F
FUJ00079865
246.
POA Customer Service Incident
Management Process v 2.0 dated 20
January 2005
POINQ0086108F
FUJ00079937
247.
POA Customer Service Incident
Management Process v 4.0 dated 2 August
2005
POINQ0086139F
FUJ00079968
248.
CS Support Services Operations Manual v
1.0 dated 7 November 2000
POINQ0238592F
FUJ00232449
249.
CS Support Services Operations Manual v
2.0 dated 29 January 2001
POINQ0126638F
FUJ00120446
250.
Operations Manual for the Customer
Service Directorate v 1.0 dated 26
November 2001
POINQ0086046F
FUJ00079875
251.
Operations Manual for the Customer
Service Directorate v 2.0 dated 1 May 2002
POINQO0086059F
FUJ00079888
252.
End-to-End Support Process, Operational
Level Agreement v 2.0 dated 17 June 2003
POINQO086068F
FUJ00079897
253.
Horizon Systems Helpdesk: Service
Description v 1.0 dated 20 December 2002
POINQO0086599F
FUJ00080428
254.
Service Description for Systems.
Management Service v 1.0 dated 18
December 2002
POINQ0126644F
FUJ00120452
255.
Service Description for Third Line Software
Support Service v 1.0 dated 19 December
2002
POINQ0126662F
FUJ00120470
256.
TPS Reconciliation & Incident Management
v 2.0 dated 30 April 2002
POINQ0086052F
FUJ00079881
257.
TPS Reconciliation & Incident Management
v 4.0 dated 19 December 2002
POINQO086055F
FUJ00079884
258.
TPS Reconciliation & Incident Management
v 5.0 dated 17 October 2005
POINQ0086147F
FUJ00079976
259.
Network Banking Reconciliation & Incident
Management v 1.0 dated 19 December
2001
POINQ0126658F
FUJ00120466
260.
Network Banking Data Reconciliation
Service v 1.0 dated 20 December 2002
POINQ0007910F
FUJ00001739
261.
Service Description for Data Centre
Operations Service v 1.0 dated 20
December 2002
POINQ0007904F
FUJ00001733
262.
Service Description for Data Centre
Operations Service v 2.0 dated 8 February
2005
POINQO008096F
FUJ00001925
Page 174 of 218
WITN06650400
WITN06650400
Exhibit I Document description Control No. URN
no.
263. ICL Pathway Development Directorate POINQ0085994F I FUJ00079823
Incident/Defect Management v 1.0 dated 25
October 2000
264. Post Office Account Systems Integration POINQ0086073F I FUJ00079902
Directorate Incident/Defect Management v
2.0 dated 5 September 2003
265. Peak User Guide v 1.0 dated 8 October POINQ0086097F I FUJ00079926
2004
266. Peak User Guide v 2.0 dated 29 June 2011 POINQ0086375F I FUJ00080204
267. Peak Administration Guide v 1.0 dated 3 POINQ0086402F I FUJ00080231
April 2013
268. Peak User Guide v 3.0 dated 18 April 2016 POINQ0086503F I FUJ00080332
269. HNGA Robustness (Service Delivery POINQ0238860F I FUJ00232717
Metrics) Report v 1.0 dated 12 March 2021
270. Reconciliation and Incident Management POINQ0238729F I FUJ00232586
Joint Working Document v 1.0 dated 20
April 2007
271. Reconciliation and Incident Management POINQO0086386F I FUJ00080215
Joint Working Document v 2.0 dated 14
June 2011
272. Reconciliation and Incident Management POINQ0086395F I FUJ00080224
Joint Working Document v 3.0 dated 30
April 2012
273. Reconciliation and Incident Management POINQ0241097F I FUJ00234980
Joint Working Document v 4.0 dated 24
June 2020
274. Reconciliation and Incident Management POINQ0249171F I FUJ00243146
Joint Working Document v 5.0 dated 14
June 2024
275. CS Operations Services Operations Manual I POINQ0238597F I FUJ00232454
v 1.0 dated 7 November 2000
276. CS Operations Services Operations Manual I POINQ0126678F I FUJ00120486
v 2.0 dated 24 January 2001
277. CS Infrastructure Services Operations POINQ0126187F I FUJ00119995
Manual v 1.0 dated 7 November 2000
278. Pathway Release Policy v 1.0 dated 26 POINQ0238567F I FUJ00232424
November 1996
279. Pathway Release Policy v 2.0 dated 29 POINQ0238576F I FUJ00232433
March 1999
280. Pathway Release Policy v 3.0 dated 28 POINQ0238578F I FUJ00232435
June 1999
281. Pathway Release Policy v 4.0 dated 14 July I POINQ0238584F I FUJ00232441
1999
282. Pathway Release Policy v 5.0 dated 16 July I POINQ0124362F I FUJ00118128
1999
283. Release Management Processes v 1.0 POINQ0238610F I FUJ00232467
dated 26 January 2001
Page 175 of 218
WITN06650400
WITN06650400
Exhibit
no.
Document description
Control No.
URN
284.
Release Management Processes v 2.0
dated 2 February 2001
POINQ0238614F
FUJ00232471
285.
ICL Pathway Problem Management
Process v 1.2 dated 25 May 1998
POINQ0085968F
FUJ00079797
286.
ICL Pathway Problem Management
Process v 2.0 dated 26 August 1999
POINQ0126183F
FUJ00119991
287.
ICL Pathway Customer Service Problem
Management Process v 3.0 dated 13
November 2000
POINQ0086024F
FUJ00079853
288.
ICL Pathway Customer Service Problem
and Alert Management Process v 4.0 dated
27 November 2001
POINQ0126184F
FUJ00119992
289.
POA Customer Service Problem
Management Process Details v 5.0 dated
20 January 2005
POINQ0086106F
FUJ00079935
290.
POA Customer Service Problem
Management Process Details v 6.0 dated
29 July 2005
POINQ0086124F
FUJ00079953
291.
ICL Pathway Customer Service End-to-End
Customer Complaint Process v 1.0 dated 5
September 2000
POINQ0085997F
FUJ00079826
292.
Service Review - Performance Statistics
dated 15 May 2001
POINQ0127279F
FUJ00121087
293.
POA Customer Service Incident
Management Process v 1.0 dated 6
November 2006
POINQ0086174F
FUJ00080003
294.
POA Customer Service Incident
Management Process v 2.0 dated 2 April
2007
POINQ0086198F
FUJ00080027
295.
RMGA Customer Service Incident
Management Process v 3.0 dated 28 July
2009
POINQ0126243F
FUJ00120051
296.
RMGA Customer Service Incident
Management Process v 4.0 dated 3 August
2009
POINQ0086247F
FUJ00080076
297.
RMGA Operations Incident Management
Procedure v 5.0 dated 6 July 2011
POINQ0086376F
FUJ00080205
298.
POA Operations Incident Management
Procedure v 6.0 dated 13 November 2013
POINQ0086415F
FUJ00080244
299.
POA Operations Incident Management
Procedure v 7.0 dated 17 July 2014
POINQ0086469F
FUJ00080298
300.
POA Operations Incident Management
Procedure v 8.0 dated 12 July 2016
POINQ0086541F
FUJ00080370
301.
POA Operations Incident Management
Procedure v 9.0 dated 12 September 2017
POINQO0086559F
FUJ00080388
302.
POA Operations Incident Management
Procedure v 10.0 dated 29 January 2019
POINQ0241098F
FUJ00234981
Page 176 of 218
WITN06650400
WITN06650400
Exhibit I Document description Control No. URN
no.
303. POA Operations Incident Management POINQ0241099F I FUJ00234982
Procedure v 11.0 dated 18 June 2020
304. POA Operations Incident Management POINQ0241100F I FUJ00234983
Procedure v 12.0 dated 15 July 2020
305. POA Operations Incident Management POINQ0241101F I FUJ00234984
Procedure v 13.0 dated 1 September 2020
306. POA Operations Incident Management POINQ0241102F I FUJ00234985
Procedure v 14.0 dated 21 January 2021
307. POA Operations Incident Management POINQ0241103F I FUJ00234986
Procedure v 15.0 dated 5 July 2021
308. POA Operations Incident Management POINQ0241104F I FUJ00234987
Procedure v 16.0 dated 8 September 2021
309. POA Operations Incident Management POINQ0241105F I FUJ00234988
Procedure v 17.0 dated 24 February 2023
310. POA Operations Incident Management POINQ0241106F I FUJ00234989
Procedure v 18.0 dated 15 January 2024
311. End to End Application Support Strategy v POINQO0086383F I FUJ00080212
1.0 dated 28 July 2011
312. End to End Application Support Strategy v POINQ0249168F I FUJ00243143
2.0 dated 23 September 2020
313. Application Support Service (Fourth Line): POINQ0086464F I FUJ00080293
Service Description v 6.0 dated 13 March
2014
314. CCN No. 1732 dated 28 March 2023 POINQ0239264F I FUJ00233121
315. CCN No. 1749 dated 30 October 2023 POINQ0241064F I FUJ00234947
316. Release Management Strategy v 1.0 dated POINQ0238809F I FUJ00232666
26 January 2015
317. Service Management Service: Service POINQ0086551F I FUJ00080380
Description v 5.0 dated 30 November 2016
318. The BED Current Process Report v 1.0 POINQ0238859F I FUJ00232716
dated 26 February 2021
319. Operational Level Agreement for Application I POINQ0086403F I FUJ00080232
4th line support of HNGX v 2.0 dated 5 April
2013
320. Terms of Reference for POA BIF and PTF v I POINQ0238799F I FUJ00232656
1.0 dated 30 July 2014
321. POA Improvements Log v 0.9 dated 1 POINQ0238985F I FUJ00232842
March 2022
322. BED Current Process Report v 1.0 dated 26 POL00030527
February 2021
323. HDR Defects update report dated 30 July POINQ0238864F I FUJ00232721
2021
324. Customer Business Impact Forum (CBIF) POINQ0238996F I FUJ00232853
Proposal dated 17 June 2022
325. Horizon Support Knowledge Base Review POINQ0238819F I FUJ00232676
Forum Terms of Reference dated 11 March
2020
Page 177 of 218
WITN06650400
WITN06650400
Exhibit
no.
Document description
Control No.
URN
326.
Horizon Governance Terms of Reference v
1.0 dated 7 September 2020
POINQ0238846F
FUJ00232703
327.
Horizon Known Errors Joint Review
Working Group Terms of Reference dated
September 2020
POINQ0238852F
FUJ00232709
328.
Horizon Defects Review Terms of
Reference dated 25 June 2021
POINQ0238871F
FUJ00232728
329.
Drop and Go Weekly Report dated 20 July
2020
POINQ0238940F
FUJ00232797
330.
Drop and Go Weekly Report: Horizon
Known Error - jsim1215Q dated 20 July
2020
POINQ0238941F
FUJ00232798
331.
Spreadsheet titled "Enhancem-06455-020"
dated 9 December 2021
POINQ0238943F
FUJ00232800
332.
Document titled "Meeting Agenda:
Enhancement and External to Fujitsu
Domain" dated 2 November 2020
POINQ0238944F
FUJ00232801
333.
Document titled "Meeting Agenda:
Enhancement and External to Fujitsu
Domain" dated 9 November 2020
POINQ0238945F
FUJ00232802
334.
Document titled "Meeting Minutes:
Enhancement and External to Fujitsu
Domain" dated 9 November 2020
POINQ0238946F
FUJ00232803
335.
Minutes of Horizon Known Error Review
meeting held on 29 June 2020
POINQ0238942F
FUJ00232799
336.
Email chain from S. Bansal to S. Browell
with subject "Horizon Know Error review
WC 25/01/2021" dated 25 January 2021
POINQ0238854F
FUJ00232711
337.
POA Improvements Log v 0.2 dated 15
September 2021
POINQ0238883F
FUJ00232740
338.
POA Improvements Log dated 29
November 2021
POINQ0238966F
FUJ00232823
339.
Horizon Defects Review Forum - Meeting
Notes dated 18 September 2023
POINQ0239263F
FUJ00233120
340.
Email chain from S. Bansal to S. Browell
copying M. Hatch, S. Bothick and M. Lenton
with subject "Branch Impacting Problems -
Terms of Reference" dated 11 August 2023
POINQ0239135F
FUJ00232992
341.
Horizon Defects Review Terms of
Reference v 3.2 dated 3 January 2023
POINQ0239015F
FUJ00232872
342.
Email from M. Stevens to M. Hatch with
subject "Measurement of Impacted
Branches" dated 26 July 2023
POINQ0239131F
FUJ00232988
343.
Spreadsheet titled "Defect Tracker" dated
28 February 2022
POINQ0238972F
FUJ00232829
344.
Spreadsheet titled "Defect Tracker" dated
12 September 2023
POINQ0239250F
FUJ00233107
Page 178 of 218
WITN06650400
WITN06650400
Exhibit
no.
Document description
Control No.
URN
345.
Email chain from S. Browell to P. Smith and
S. Bansal copying M. Godbold with subject
"CBIF - Move to Monday" dated 25 June
2021
POINQ0239265F
FUJ00233122
346.
Email from S. Browell copying S. Bansal, A.
Woodley, S. Bothick and M. Hatch with
subject "HDR Defects update report -
24.09.2021" dated 24 September 2021
POINQ0238888F
FUJ00232745
347.
POA Improvements Log v 0.1 dated 27
August 2021
POINQ0238878F
FUJ00232735
348.
Slide deck titled "Horizon Issues
Remediation Programme" dated 10
November 2021
POINQ0239147F
FUJ00233004
349.
Request to Quote Supplier Response
Details dated 19 July 2022
POINQ0239268F
FUJ00233125
350.
Change Work Order No. 0369 dated 15
January 2021
POINQ0239267F
FUJ00233124
351.
Slide deck titled "POA Improvements:
Communicating the Changes" dated 21
September 2021
POINQ0238886F
FUJ00232743
352.
Post Office Account Defect Management
Reporting v 0.1 dated 3 October 2022
POINQ0239000F
FUJ00232857
353.
Post Office Account Defect Management
Reporting v 1.0 dated 17 March 2023
POINQ0241108F
FUJ00234991
354.
Post Office Account Defect Management
Reporting v 2.0 dated 3 August 2023
POINQ0241109F
FUJ00234992
355.
Post Office Account Defect Management
Reporting v 3.0 dated 26 April 2024
POINQ0241110F
FUJ00234993
356.
Slide deck titled "Live Defect Management
on POA" dated 22 October 2021
POINQ0238896F
FUJ00232753
357.
POA Improvements Log v 0.7 dated 24
January 2022
POINQ0238965F
FUJ00232822
358.
Slide deck titled "There's a Peak in my
stack..." dated 1 June 2022
POINQ0238993F
FUJ00232850
359.
Horizon Defects Review Terms of
Reference dated 21 February 2022
POINQ0238988F
FUJ00232845
360.
Slide deck titled "Live Defect Management
Update HNG Business Review - August
2023" dated 1 September 2023
POINQ0239137F
FUJ00232994
361.
Slide deck titled "Live Defect Management
Updates for Business Reviews - Jan-22 to
Oct-22" dated 1 November 2022
POINQ0239001F
FUJ00232858
362.
Spreadsheet titled "Live Affecting Defects"
dated 17 February 2022
POINQ0238968F
FUJ00232825
363.
Email from P. Elmes to C. Harrison, G.
Seemungal, G. Baker and others with
subject "Live Defect Status 17/02/2022"
dated 17 February 2022
POINQ0238967F
FUJ00232824
Page 179 of 218
WITN06650400
WITN06650400
Exhibit
no.
Document description
Control No.
URN
364.
Document titled "POL HNG-X All Live
Defects Report" dated 12 August 2022
POINQ0238999F
FUJ00232856
365.
Email from S. Browell to R. Gogna and P.
Smith with subject "HNG-X - All Live
Defects Report for POL - 12.08.2022" dated
12 August 2022
POINQ0238998F
FUJ00232855
366.
Post Office Account Defect Management
Reporting v 0.5 dated 9 November 2022
POINQ0239002F
FUJ00232859
367.
Spreadsheet titled "HDR Defects Update
Report" v 1.0 dated 2 December 2022
POINQ0239019F
FUJ00232876
368.
Email from M. Hatch to P. Smith and L.
Millar with subject "HDR Defects Update
Report - 02.12.2022 - v1.0" dated 2
December 2022
POINQ0239018F
FUJ00232875
369.
Post Office Account Defect Management
Reporting v 0.7 dated 7 December 2022
POINQ0239008F
FUJ00232865
370.
Email chain from M. Hatch to R. Gogna and
L. Millar with subject "HNG-X - All Live
Defects Report for POL - 16.02.2023" dated
1 March 2023
POINQ0239017F
FUJ00232874
371.
Transcript of video file titled "POA
Improvements Overview - S. Bothick" dated
5 August 2021
POINQ0249286F
FUJ00243261
372.
Transcript of video file titled "Updates on
ways of working PEAK - C. Maving" dated 4
August 2021
POINQ0249288F
FUJ00243263
373.
Transcript of video file titled "End-to-end
peak process changes overview - M. Swain"
dated 9 August 2021
POINQ0249290F
FUJ00243265
374.
Transcript of video file titled "End-to-end
peak process changes overview - M. Swain"
dated 12 August 2021
POINQ0249292F
FUJ00243267
375.
Slide deck titled "Live Defect Management
on POA" v 0.7 dated 15 March 2022
POINQ0238990F
FUJ00232847
376.
Slide deck titled "Live Defect Management:
Stack Owner Update" dated 31 May 2022
POINQ0238992F
FUJ00232849
377.
POA Live Defect Management Procedures
v 1.0 dated 17 October 2023
POINQ0239284F
FUJ00233141
THE PRIVILEGED ACCESS O}
BLIGATIONS
378.
Pathway Security Policy v 3.0 dated 8
October 1996
POINQ0007437F
FUJ00001266
379.
ICL Pathway Security Policy v 4.0 dated 30
April 1999
POINQ0007465F
FUJ00001294
380.
ICL Pathway Security Policy v 5.0 dated 13
November 2000
POINQ0238598F
FUJ00232455
381.
ICL Pathway Security Policy v 6.0 dated 20
November 2000
POINQ0238600F
FUJ00232457
Page 180 of 218
WITN06650400
WITN06650400
Exhibit I Document description Control No. URN
no.
382. Pathway Security Policy v 7.0 dated 28 May I POINQ0238642F I FUJ00232499
2002
383. Access Control Policy v 1.0 dated 17 April POINQ0123668F I FUJ00117497
1997
384. Access Control Policy v 3.0 dated 18 POINQ0094164F I FUJ00087993
December 1998
385. Access Control Policy v 4.0 dated 16 July POINQ0094189F I FUJ00088018
2002
386. Access Control Policy v 5.0 dated 28 POINQ0094217F I FUJ00088046
August 2002
387. Pathway Security Policy v 8.0 dated 2 POINQ0007846F I FUJ00001675
September 2002
388. Pathway Security Policy v 9.0 dated 24 POINQ0007919F I FUJ00001748
January 2003
389. Horizon Security Policy v 10.0 dated 11 POINQ0238685F I FUJ00232542
November 2004
390. Horizon Security Policy v 11.0 dated 23 POINQ0238697F I FUJ00232554
June 2006
391. Horizon Security Policy v 12.0 dated 5 April I POINQ0008217F I FUJ00002046
2007
392. Access Control Policy v 6.0 dated 8 August I POINQ0094258F I FUJ00088087
2003
393. Horizon Access Control Policy v 7.0 dated POINQ0094326F I FUJ00088155
14 April 2005
394. Security Management Service: Service POINQ0094351F I FUJ00088180
Description v 1.0 dated 24 August 2006
395. Security Management Service: Service POINQ0094508F I FUJ00088337
Description v 2.0 dated 31 December 2008
396. Security Management Service: Service POINQ0094854F I FUJ00088683
Description v 3.0 dated 15 October 2010
397. Security Management Service: Service POINQ0095039F I FUJ00088868
Description v 3.5 dated 25 November 2013
398. Security Management Service: Service POINQO0095040F I FUJ00088869
Description v 4.0 dated 4 December 2013
399. Security Management Service: Service POINQ0095068F I FUJ00088897
Description v 5.0 dated 4 April 2014
400. Security Management Service: Service POINQ0095323F I FUJ00089152
Description v 6.0 dated 21 May 2015
401. Security Management Service: Service POINQ0239116F I FUJ00232973
Description v 8.0 dated 26 April 2023
402. Security Management Service: Service POINQ0241120F I FUJ00235003
Description v 9.0 dated 25 September 2023
403. Horizon Access Control Policy v 8.0 dated 2 I POINQ0094613F I FUJ00088442
June 2009
404. CCN No. 1294d dated 15 March 2012 POINQ0007219F I FUJ00001048
405. RMGA Information Security Policy v 5.0 POINQ0094667F I FUJ00088496
dated 15 September 2009
Page 181 of 218
WITN06650400
WITN06650400
Exhibit I Document description Control No. URN
no.
406. Post Office HNG-X Account Information POINQ0008737F I FUJ00002566
Security Policy v 6.0 dated 23 January 2014
407. Post Office HNG-X Account ISMS Manual v I POINQ0238798F I FUJ00232655
5.0 dated 30 April 2014
408. Post Office HNG-X Account ISMS Manual v I POINQ0241123F I FUJ00235006
5.0 (withdrawn on 31 May 2017
409. RMGA Information Security Policy v 1.0 POINQ0008241F I FUJ00002070
dated 25 July 2008
410. RMGA Information Security Policy v 2.0 POINQ0238749F I FUJ00232606
dated 5 August 2008
411. RMGA Information Security Policy v 3.0 POINQ0008244F I FUJ00002073
dated 20 October 2008
412. RMGA Information Security Policy v 4.0 POINQ0094509F I FUJ00088338
dated 12 February 2009
413. Post Office HNG-X Account Information POINQO0095045F I FUJ00088874
Security Policy v 6.0 dated 23 January 2014
OPERATIONAL SERVICES RELATING TO PRIVILEGED ACCESS
414. Access Control Policy v 2.0 dated 24 POINQ0094160F FUJ00087989
February 1998
SUMMARY OF MEASURES RELATING TO PRIVILEGED ACCESS
415. Service Description for Implementation and I POINQ0007914F I FUJ00001743
maintenance of security policy and
procedures v 1.0 dated 6 January 2003
416. Service Description for the Security POINQ0178203F I FUJ00172022
Management Service v 2.0 dated 2
December 2004
417. Service Description for the Security POINQ0238693F I FUJ00232550
Management Service v 3.0 dated 6 March
2006
418. Security Functional Specification v 3.0 POINQ0094159F I FUJ00087988
dated 3 December 1997
419. Security Functional Specification v 4.0 POINQ0007464F I FUJ00001293
dated 12 May 1999
420. Security Functional Specification v 5.0 POINQ0094195F I FUJ00088024
dated 23 July 2002
421. Security Functional Specification v 6.0 POINQ0094224F I FUJ00088053
dated 12 September 2002
422. Security Functional Specification v 7.0 POINQ0007918F I FUJ00001747
dated 24 January 2003
423. Security Functional Specification v 8.0 POINQ0094314F I FUJ00088143
dated 23 March 2005
424. Security Functional Specification v 9.0 POINQ0094338F I FUJ00088167
dated 1 February 2006
425. Security Management Procedures v 1.0 POINQ0094175F I FUJ00088004
dated 10 May 1999
426. OpenSSH Support Guide v 1.0 dated 30 POINQ0094253F I FUJ00088082
June 2003
Page 182 of 218
WITN06650400
WITN06650400
Exhibit I Document description Control No. URN
no.
427. OpenSSH Support Guide v 2.0 dated 9 POINQ0094270F I FUJ00088099
October 2003
428. OpenSSH Support Guide v 3.0 dated 25 POINQ0094286F I FUJ00088115
May 2004
429. OpenSSH Support Guide v 4.0 dated 9 POINQ0094311F I FUJ00088140
February 2005
430. DRS Host Support Guide v 5.0 dated 13 POINQO096890F I FUJ00090719
April 2005
431. Customer Service Operational Change POINQ0238663F I FUJ00232520
Procedure v 0.1 dated 3 May 2000
432. Customer Service Operational Change POINQ0238680F I FUJ00232537
Procedure v 0.4 dated 20 November 2003
433. Customer Service Operational Change POINQ0238681F I FUJ00232538
Procedure v 0.5 dated 24 February 2004
434, Customer Service Operational Change POINQ0238682F I FUJ00232539
Procedure v 1.0 dated 18 March 2004
435. SSC Work Instruction WI1640J dated 10 POINQ0158438F FUJ00152244
November 1999
436. Group Definitions for the Secure NT Build v I POINQ0238587F I FUJ00232444
1.0 dated 4 November 1999
437. Group Definitions for the Secure NT Build v I POINQ0238588F FUJ00232445
2.0 dated 30 January 2000
438. Group Definitions for the Secure NT Build v I POINQ0238590F I FUJ00232447
3.0 dated 18 October 2000
439. Group Definitions for the Secure NT Build v I POINQ0238615F I FUJ00232472
4.0 dated 6 February 2001
440. Group Definitions for the Secure NT Build v I POINQ0238620F I FUJ00232477
5.0 dated 5 June 2001
441. Group Definitions for the Secure NT Build v I POINQ0238630F I FUJ00232487
6.0 dated 14 January 2002
442. Secure Support Role Definitions for POINQ0094267F I FUJ00088096
SECURENT Build v 1.0 dated 8 August
2003
443. Secure Support Role Definitions for POINQ0094275F I FUJ00088104
SECURENT Build v 2.0 dated 18 March
2004
444, Secure Support Role Definitions for POINQ0094289F I FUJ00088118
SECURENT Build v 3.0 dated 22 July 2004
445. Secure Support Role Definitions for POINQ0094303F I FUJ00088132
SECURENT Build v 4.0 dated 4 December
2004
446. Secure Support Role Definitions for POINQ0094349F I FUJ00088178
SECURENT Build v 5.0 dated 25 May 2006
447. Secure Support Role Definitions for POINQ0094379F I FUJ00088208
SECURENT Build v 6.0 dated 30 May 2007
448. Secure Support System Outline Design v POINQ0094207F I FUJ00088036
1.0 dated 2 August 2002
Page 183 of 218
WITN06650400
WITN06650400
Exhibit I Document description Control No. URN
no.
449. Platform Physical Design for the Secure POINQ0094235F I FUJ00088064
Access Server v 1.0 dated 24 October 2002
450. Fujitsu Services RMGA Information Security I POINQ0238747F I FUJ00232604
Management System (ISMS) Manual v 1.0
dated 30 April 2008
451. Fujitsu Services RMGA Information Security I POINQ0238762F I FUJ00232619
Management System (ISMS) Manual v 2.0
dated 21 July 2010
452. Fujitsu Services Post Office Account POINQ0238795F I FUJ00232652
Information Security Management System
(ISMS) Manual v 3.0 dated 21 December
2012
453. Post Office HNG-X Account ISMS Manual v I POINQ0238797F I FUJ00232654
4.0 dated 29 January 2014
454. Host Branch database Support Guide v 1.0 I POINQ0094720F I FUJ00088549
dated 29 October 2009
455. Host Branch Database Support Guide v 2.0 I POINQ0094901F I FUJ00088730
dated 3 February 2011
456. Host Branch Database Support Guide v 3.0 I POINQ0094968F I FUJ00088797
dated 21 September 2011
457. Host Branch Database Support Guide v 4.0 I POINQ0094977F I FUJ00088806
dated 20 February 2012
458. Host Branch Database Support Guide v 5.0 I POINQ0095007F I FUJ00088836
dated 21 June 2013
459. Host Branch Database Support Guide v6.0 I POINQ0095218F I FUJ00089047
dated 15 January 2015
460. Host Branch Database Support Guide v 7.0 I POINQ0095271F I FUJ00089100
dated 20 February 2015
461. Host Branch Database Support Guide v 8.0 I POINQ0095283F I FUJ00089112
dated 15 April 2015
462. Host Branch Database Support Guide v9.0 I POINQ0095352F I FUJ00089181
dated 25 August 2015
463. Host Branch Database Support Guide v POINQO0095390F I FUJ00089219
10.0 dated 14 December 2015
464. Host Branch Database Support Guide v POINQ0095716F I FUJ00089545
11.0 dated 3 January 2017
465. Host Branch Database Support Guide v POINQ0095756F I FUJ00089585
12.0 dated 26 April 2017
466. Host Branch Database Support Guide v POINQ0095777F I FUJ00089606
13.0 dated 16 August 2017
467. Host Branch Database Support Guide v POINQ0095792F I FUJ00089621
14.0 dated 2 October 2017
468. Host Branch Database Support Guide v POINQ0095847F I FUJ00089676
15.0 dated 15 January 2018
469. Host Branch Database Support Guide v POINQ0241065F I FUJ00234948
16.0 dated 14 May 2018
470. Host Branch Database Support Guide v POINQ0241066F I FUJ00234949
17.0 dated 27 June 2019
Page 184 of 218
WITN06650400
WITN06650400
Exhibit I Document description Control No. URN
no.
471. Host Branch Database Support Guide v POINQ0241067F I FUJ00234950
18.0 dated 16 October 2019
472. Host Branch Database Support Guide v POINQ0241068F I FUJ00234951
19.0 dated 27 March 2020
473. Host Branch Database Support Guide v POINQ0241069F I FUJ00234952
20.0 dated 16 April 2020
474. Host Branch Database Support Guide v POINQ0241070F I FUJ00234953
21.0 dated 11 December 2020
475. Host Branch Database Support Guide v POINQ0241071F I FUJ00234954
22.0 dated 28 January 2021
476. Host Branch Database Support Guide v POINQ0241072F I FUJ00234955
23.0 dated 23 July 2021
477. Host Branch Database Support Guide v POINQ0241073F I FUJ00234956
24.0 dated 29 July 2022
478. Host Branch Database Support Guide v POINQ0241074F I FUJ00234957
25.0 dated 1 September 2022
479. Host Branch Database Support Guide v POINQ0241075F I FUJ00234958
26.0 dated 9 May 2024
480. DRS Host Support Guide v 1.0 dated 28 POINQ0094717F I FUJ00088546
October 2009
481. DRS Host Support Guide v 2.0 dated 10 POINQ0241076F FUJ00234959
June 2013
482. DRS Host Support Guide v 3.0 dated 21 POINQ0095244F I FUJ00089073
January 2015
483. DRS Host Support Guide v 4.0 dated 18 POINQ0241077F FUJ00234960
July 2016
484. DRS Host Support Guide v 5.0 dated 19 POINQ0095753F I FUJ00089582
April 2017
485. DRS Host Support Guide v 6.0 dated 24 POINQ0241078F I FUJ00234961
December 2019
486. DRS Host Support Guide v 7.0 POINQ0241079F FUJ00234962
487. DRS Host Support Guide v 8.0 POINQ0241080F FUJ00234963
488. DRS Host Support Guide v 9.0 dated 20 POINQ0241081F I FUJ00234964
June 2023
489. RMGA User Management Procedure v 1.0 POINQ0241127F FUJ00235010
dated 27 July 2009
490. Post Office Account User Access Procedure I POINQ0095844F I FUJ00089673
v 11.0 dated 7 November 2017
491. Post Office Account User Access Procedure I POINQ0241128F I FUJ00235011
v 12.0 dated 18 January 2019
492. Post Office Account User Access Procedure I POINQ0241129F I FUJ00235012
v 14.0 dated 19 August 2020
493. Post Office Account User Access Procedure I POINQ0241130F I FUJ00235013
v 15.0 dated 18 October 2021
494. Post Office Account User Access Procedure I POINQ0241131F I FUJ00235014
v 16.0 dated 1 September 2022
Page 185 of 218
WITN06650400
WITN06650400
Exhibit I Document description Control No. URN
no.
495. Post Office Account User Access Procedure I POINQ0241132F I FUJ00235015
v 17.0 dated 17 March 2023
496. Post Office Account User Access Procedure I POINQ0241133F I FUJ00235016
v 18.0 dated 20 June 2023
497. Post Office Account User Access Procedure I POINQ0241134F I FUJ00235017
v 19.0 dated 23 August 2023
498. Post Office Account User Access Procedure I POINQ0241135F I FUJ00235018
v 20.0 dated 3 November 2023
499. POA Privileged Account Policy v 1.0 dated POINQ0241124F I FUJ00235007
28 July 2022
500. POA Privileged Account Policy v 2.0 dated POINQ0241125F I FUJ00235008
23 March 2023
501. POA Privileged Account Policy v 3.0 dated POINQ0241126F I FUJ00235009
15 January 2024
502. POA Privileged Account Policy v 4.0 dated POINQ0249169F I FUJ00243144
23 May 2024
503. EY Management letter dated 19 May 2011 POINQ0093116F I FUJ00086945
504. Draft response to EY dated 30 April 2012 POINQ0093140F FUJ00086969
505. EY Management letter dated 25 March POINQ0093141F I FUJ00086970
2012
506. Briefing for Fujitsu regarding Alan Bates & POINQ0093398F I FUJ00087227
Others v Post Office Limited dated 23
February 2017
507. Change Work Order No. 0574 dated 1 POINQ0238987F FUJ00232844
March 2022
508. E-mail from Post Office Account Change POINQ0238989F I FUJ00232846
Management to POA Programme Office,
POA Finance Admin, A. Loveday and others
with subject "CP2851 (Dim 7408) -
CWO08574 - Rel Ind - APPROVED - New
Customer Access Report (Updated)" dated
14 March 2022
509. Change Proposal No. 7408 dated 21 POINQ0238970F FUJ00232827
February 2022
510. CCN No. 1718 dated 25 May 2022 POINQ0239283F I FUJ00233140
511. Refinement of Access Rights to Oracle POINQ0238991F I FUJ00232848
Databases v 1.0 dated 31 March 2022
512. E-mail from Post Office Account Change POINQ0238962F I FUJ00232819
Management to dl RMGA ChM CCB
copying M. Mistry, G. Seemungal, G. Baker,
S. Evans with subject "FOR
INFORMATION: HNG-X CP2831 - Future -
Refinement of access rights to non-BRDB
databases (7388)" dated 18 January 2022
513. CP No. 7388 dated 18 January 2021 POINQ0238963F I FUJ00232820
514. Horizon Data Changes Process Work POINQ0239132F I FUJ00232989
Instruction v 1.1 dated 1 August 2023
Page 186 of 218
WITN06650400
WITN06650400
Exhibit I Document description Control No. URN
no.
515. Horizon Data Changes Process Work POINQ0239134F I FUJ00232991
Instruction v 2.0 dated 11 August 2023
516. Horizon Data Changes Process Work POINQ0241107F I FUJ00234990
Instruction v 3.0 dated 3 May 2024
517. Standardise Database Logging POINQ0239007F I FUJ00232864
Configurations v 1.0 dated 8 November
2022
518. RFC Post Implementation Review dated 18 I POINQ0238813F I FUJ00232670
October 2016
519. Horizon Data Changes Process Work POINQ0238862F I FUJ00232719
Instruction v 0.1 dated 28 June 2021
520. Horizon Data Changes Process Work POINQ0238997F I FUJ00232854
Instruction v 1.0 dated 1 August 2022
521. RA Report dated 12 February 2021 POL00030526
MONITORING COMPLIANCE
522. Major Incident Report - Fujitsu Network POINQ0238847F I FUJ00232704
Issue 19 10 2020 & 21 10 2020 dated 19
October 2020
523. Email from L. Brown to T. Atkinson, L. POINQ0238763F I FUJ00232620
Machin, S. Bothick and others with subject
"Service Management Review & Scorecard"
dated 1 October 2010
524. Slide deck titled "Post Office Account POINQ0180981F I FUJ00174800
Governance Review" dated 2 August 2013
525. Service Review - Performance Statistics v POINQ0064392F I FUJ00058221
3.0 dated 7 February 2000
526. Service Review - Performance Statistics v POINQ0064384F I FUJ00058213
2.2 dated 16 April 1999
527. Document titled "Service Review Book June I POINQ0158467F I FUJ00152273
2007" v 1.0 dated 13 July 2007
528. Document titled "Service Review Book POINQ0158470F I FUJ00152276
September 2007" v 1.0 dated 12 October
2007
529. April 2011 SMR Agenda dated 15 April POINQ0238768F I FUJ00232625
2011
530. Spreadsheet titled "Service Management POINQ0238769F I FUJ00232626
Review: Actions" dated 15 April 2011
531. Service Review Book for March 2011 dated I POINQ0238770F I FUJ00232627
13 April 2011
532. Email from H. Love to J. Davidson, T. POINQ0238767F I FUJ00232624
Atkinson, M. Daniel Lamaziere, and others
with subject "SMR Documentation - April"
dated 15 April 2011
533. Slide deck titled "Post Office Horizon + AEI POINQ0238780F I FUJ00232637
Cloud Connect DSL NG (TalkTalk
Business) Migration" dated 13 July 2011
Page 187 of 218
WITN06650400
WITN06650400
Exhibit
no.
Document description
Control No.
URN
534.
Slide deck titled "SMR Overview of SACM &
Capacity Management Activities Manage
Service Change (MSCs) in June 2011"
dated 13 July 2011
POINQ0238781F
FUJ00232638
535.
Document titled "HNGx SMR Service
Transition & Change Update" dated 8 July
2011
POINQ0238782F
FUJ00232639
536.
Email from A. J. Dockerty to J. Davidson, T.
Atkinson, M. Daniel Lamaziere and others
with subject "SMR Documentation" dated 15
July 2011
POINQ0238779F
FUJ00232636
537.
Document titled "Service Review Book July
2007" v 1.0 dated 14 August 2007
POINQ0158468F
FUJ00152274
538.
Document titled "Service Review" v 1.0
dated 12 July 2002
POINQ0231146F
FUJ00225029
539.
Service Review Book - Monthly Charts for
October 2018
POINQ0238816F
FUJ00232673
540.
Service Management High Level Process
Description Service Improvement dated 20
October 2000
POINQ0238591F
FUJ00232448
541.
Document titled "Notes of Horizon Service
Review Forum" dated 22 November 2000
POINQ0126165F
FUJ00119973
542.
Document titled "Horizon Service Review
Forum Summary Report on Service Review
Forums for November 2000" dated 21
November 2000
POINQ0126166F
FUJ00119974
543.
Horizon Service Review Forum Summary
Report on Service Review Forums dated
March 2001
POINQ0238619F
FUJ00232476
544,
Horizon Service Review Forum Summary
Report on Service Review Forums dated
April 2002
POINQ0238641F
FUJ00232498
545.
Horizon Service Review Forum Summary
Report on Service Review Forums dated
March 2002
POINQ0238637F
FUJ00232494
546.
Spreadsheet titled "Hot Topics list" dated 17
October 2010
POINQ0239285F
FUJ00233142
547.
Assessment Control Page dated 9 March
2004
POINQ0086883F
FUJ00080712
548.
Assessment Control Page dated 1 February
2009
POINQ0086970F
FUJ00080799
549.
Local Security Audit Report - Networks -
2009 v 1.0 dated 18 August 2009
POINQ0086976F
FUJ00080805
550.
Document titled "Bureau Veritas
Certification External Assessment Report"
dated 15 November 2013
POINQ0086803F
FUJ00080632
551.
Document titled "Security Assessment"
dated 26 July 2013
POINQ0086801F
FUJ00080630
Page 188 of 218
WITN06650400
WITN06650400
Exhibit I Document description Control No. URN
no.
552. Document titled "Security Assessment" POINQ0086816F I FUJ00080645
dated 20 April 2017
553. RMG BU Quality Management Report for POINQ0087002F I FUJ00080831
June 2011 v 5.1 dated 28 June 2011
554. Quality Management Report (Nov 2011) v POINQ0087013F I FUJ00080842
10.0 dated 21 November 2011
555. Quality Management Report (December POINQ0087121F I FUJ00080950
2016) v 12.0 dated 2 February 2017
556. Assessment Control Page dated 30 August I POINQO086908F I FUJ00080737
2005
557. Letter from T. Jowett to W. Warham re: POINQ0238843F I FUJ00232700
"Horizon Audit" dated 20 August 2020
558. SDLC Report v 1.0 dated 29 January 2021 POINQ0238858F I FUJ00232715
559. Testing & QA Report v 1.0 dated 29 POINQ0238857F I FUJ00232714
January 2021
560. The BED Report (29 BED as identified by POL00030528
Fraser J)
561. HNG-X Agreement, Schedule A2 - POINQ0238961F FUJ00232818
Relationship and Governance v 14.0
updated January 2021
562. HNG-X Agreement, Schedule A2 - POINQ0238994F I FUJ00232851
Relationship and Governance v 14.0
updated June 2022
563. HNG-X Agreement, Schedule A2 - POINQ0239129F I FUJ00232986
Relationship and Governance v 14.0
updated September 2022
564. HNG-X Agreement, Schedule A2 - POINQ0239127F I FUJ00232984
Relationship and Governance v 14.0
updated July 2023
565. Horizon Defects Review Terms of POINQ0239128F I FUJ00232985
Reference dated 3 January 2023
566. Presentation titled "Post Office & Fujitsu POINQ0239133F FUJ00232990
Monthly Governance Review - July Period"
dated 9 August 2023
FINANCIAL PENALTIES
567. Service Review for March 2004 dated 14 POINQ0238683F I FUJ00232540
April 2004
LIQUIDATED DAMAGES
568. POA Customer Service Major Incident POINQ0086169F I FUJ00079998
Process v 1.0 dated 3 October 2006
569. Major Incident Report dated 8 February POINQ0238692F I FUJ00232549
2006
570. Minutes of Horizon Service Management POINQ0238695F I FUJ00232552
Forum Minutes held on 24 April 2006
571. Credit Memo No. 8024533 dated 21 July POINQ0238699F I FUJ00232556
2006
Page 189 of 218
WITN06650400
WITN06650400
Exhibit
no.
Document description
Control No.
URN
572.
Document tiled "Commercial Guidance -
Applicability of Liquidated Damages to the
Red Alert that occurred on 27/07" dated 2
August 2011
POINQ0238793F
FUJ00232650
573.
SLA Performance Remedy and Business
Incident Payments Process v 1.0 dated 12
December 2000
POINQ0238604F
FUJ00232461
574.
Document titled "Manual Error Report -
Liquidated Damages Costs" dated 21
December 2010
POINQ0238765F
FUJ00232622
575.
Business Incident Management Service
High Level Design v 2.1 dated 21 November
2001
POINQ0146372F
FUJ00140177
576.
Monthly Incident Review (January 1999)
dated 1 February 1999
POINQ0064533F
FUJ00058362
577.
Monthly Incident Review (March 2000)
dated 13 April 2000
POINQ0238609F
FUJ00232466
578.
Monthly TIP Operational Review Book
(October 2002) v 1.0 dated 7 November
2002
POINQ0238664F
FUJ00232521
579.
Data Errors & Not Data Errors - Contractual
Definitions v 1.0 dated 20 December 2002
POINQ0238668F
FUJ00232525
580.
Benefit Payment End to End Reconciliation
Process For ICL Pathway Release NR2 -
PART 3 (Liability Assignment) v 0.C dated 6
February 1999
POINQ0238575F
FUJ00232432
581.
Case Law Referral No. 0001 dated 25
February 2000
POINQ0239120F
FUJ00232977
582.
BIMS Charging Details Report for February
2010 dated 6 July 2007
POINQ0238761F
FUJ00232618
583.
Monthly Incident Review (June 2000) v 1.4
dated 10 July 2000
POINQ0064645F
FUJ00058474
584.
Spreadsheet titled "MERJun_Jly_Aug1"
dated 20 July 2000
POINQ0238589F
FUJ00232446
585.
Case Law Referral No. 0004 dated 22
March 2000
POINQ0239121F
FUJ00232978
586.
Case Law Referral No. 0005 dated 22
March 2000
POINQ0239123F
FUJ00232980
587.
Letter from C. Lenton-Smith to K. Baines re:
"Without Prejudice - RE: BIMS Incidents"
dated 25 October 2001
POINQ0238625F
FUJ00232482
588.
Letter from M. J. Hannon to C. Lenton-
Smith re: "BIMS Incidents" dated 16 July
2002
POINQ0239117F
FUJ00232974
589.
Letter from C. Lenton Smith to M. Hannon
re: "Without Prejudice - Re BIMS Incidents"
dated 13 September 2002
POINQ0238651F
FUJ00232508
Page 190 of 218
WITN06650400
WITN06650400
Exhibit
no.
Document description
Control No.
URN
590.
E-mail chain from C. Wadeson to J. Moran
copying C. Lenton-Smith with subject
"Another question" dated 20 May 2003
POINQ0238678F
FUJ00232535
591.
E-mail chain from C. Wadeson to J. Moran
copying C. Lenton-Smith with subject
"Another question" dated 20 May 2003
POINQ0238679F
FUJ00232536
592.
Spreadsheet titled "Commercial Forum Mar"
dated 24 March 2003
POINQ0238675F
FUJ00232532
593.
Case Law Referral No. 0007 dated 8
November 1999
POINQ0239124F
FUJ00232981
594.
Case Law Referral No. 0008 dated 8
February 2001
POINQ0239122F
FUJ00232979
595.
Case Law Referral No. 0009 dated 8
November 2001 (updated on 4 February
2002)
POINQ0239125F
FUJ00232982
596.
Case Law Referral No. 0009 dated 8
November 2001
POINQ0239119F
FUJ00232976
597.
Letter from C. Lenton-Smith to K. Baines re:
"“OBCS Failure - 8 November 2001" dated
18 January 2002
POINQ0238633F
FUJ00232490
598.
Pension Book MBCI (8th November 2001)
Report v 1.0 dated 16 November 2001
POINQ0145370F
FUJ00139175
599.
E-mail chain from C. Lenton-Smith to R.
Brunskill with subject "OBCS Failure -
Letters" dated 7 February 2003
POINQ0238671F
FUJ00232528
600.
Credit Memo No. 8001005 dated 30 April
2003
POINQ0238677F
FUJ00232534
601.
Letter from K. Baines to C. Lenton-Smith re:
"OBCS Failure - 8 November 2001" dated
14 December 2001.
POINQ0238626F
FUJ00232483
602.
E-mail chain from M. Riddell to C. Lenton-
Smith, copying P. Westfield, R. Brunskill
and P. Burden with subject "8th Nov Report"
dated 19 December 2001
POINQ0238627F
FUJ00232484
603.
Pension Book MBCI (8th November 2001)
Report v 1.0 dated 16 November 2001
POINQ0238628F
FUJ00232485
604.
E-mail from C. Lenton-Smith to R. Brunskill
with subject "OBCS Failure - letters" dated 6
February 2003
POINQ0238670F
FUJ00232527
605.
Minutes of Horizon Commercial Forum
Meeting held on 19 February 2003
POINQ0238673F
FUJ00232530
606.
Letter from K. Baines to C. Lenton-Smith re:
"OBCS Failure on 8th November 2001"
dated 28 February 2003
POINQ0238676F
FUJ00232533
607.
Letter from K. Baines to C. Lenton-Smith re:
"OBCS Failure on 8th November 2001"
dated 28 February 2003
POINQ0239126F
FUJ00232983
Page 191 of 218
WITN06650400
WITN06650400
Exhibit
no.
Document description
Control No.
URN
608.
ICL Pathway/Post Office Counters Limited
Interface Agreement for the Network
Business Support Centre and Horizon
System Helpdesk v 2.0 dated 13 July 2000
POINQ0086577F
FUJ00080406
609.
Fujitsu Services Pathway/Post Office
Limited Interface Agreement for the Network
Business Support Centre and Horizon
System Helpdesk v 3.0 dated 25 September
2002
POINQ0086592F
FUJ00080421
610.
Fujitsu Services /Post Office Ltd Interface
Agreement for the Post Office Ltd Network
Business Support Centre and Horizon
System Helpdesk Interface v 5.0 dated 22
September 2004
POINQ0086620F
FUJ00080449
611.
Service Level Targets for Horizon Services
v 1.0 dated 5 December 2002
POINQ0238650F
FUJ00232507
612.
Service Level Targets for Horizon Services
v 3.0 dated 19 August 2005
POINQ0238687F
FUJ00232544
613.
Data Centre Operations Service - Service
Description v 1.0 dated 31 August 2006
POINQ0094352F
FUJ00088181
614.
Data Centre Operations Service: Service
Description v 2.0 dated 30 July 2009
POINQ0238754F
FUJ00232611
615.
Data Centre Operations Service: Service
Description v 3.0 dated 8 October 2009
POINQ0238755F
FUJ00232612
616.
Data Centre Operations Service: Service
Description v 4.0 dated 13 December 2013
POINQ0095041F
FUJ00088870
617.
Data Centre Operations Service: Service
Description v 5.0 dated 4 February 2014
POINQ0095067F
FUJ00088896
618.
Data Centre Operations Service: Service
Description v 6.0 dated 29 November 2016
POINQ0095715F
FUJ00089544
619.
Data Centre Operations Service: Service
Description v 7.0 dated 23 June 2022
POINQ0241111F
FUJ00234994
620.
Data Centre Operations Service: Service
Description v 8.0 dated 7 July 2023
POINQ0241112F
FUJ00234995
621.
Data Centre Operations Service: Service
Description v 9.0 dated 30 May 2024
POINQ0249170F
FUJ00243145
622.
Horizon Service Desk Joint Working
Document v 1.0 dated 27 July 2007
POINQ0086630F
FUJ00080459
623.
Horizon Service Desk Joint Working
Document v 2.0 dated 4 September 2008
POINQ0086267F
FUJ00080096
624.
Horizon Service Desk Joint Working
Document v 3.0 dated 26 February 2014
POINQO086656F
FUJ00080485
625.
Service Level Target and Liquidated
Damages Exclusions v 1.0 dated 19 June
2007
POINQ0008222F
FUJ00002051
626.
Service Level Target and Liquidated
Damages Exclusions v 2.0 dated 20
November 2007
POINQ0008229F
FUJ00002058
Page 192 of 218
WITN06650400
WITN06650400
Exhibit
no.
Document description
Control No.
URN
627.
Service Level Target and Liquidated
Damages Exclusions v 3.0 dated 18 March
2009
POINQ0008256F
FUJ00002085
628.
Service Level Target and Liquidated
Damages Exclusions v 4.0 dated 15
December 2010
POINQ0008505F
FUJ00002334
629.
Service Level Target and Liquidated
Damages Exclusions v 5.0 dated 14
January 2013
POINQ0008622F
FUJ00002451
630.
Service Level Target and Liquidated
Damages Exclusions v 6.0 dated 26
February 2014
POINQ0008742F
FUJ00002571
631.
Service Level Target and Liquidated
Damages Exclusions (v WD dated 3
December 2021)
POINQ0241096F
FUJ00234979
632.
Definitions of Engineering Service Priority
and Local/Remote Locations v 1.0 dated 6
February 2007
POINQ0008214F
FUJ00002043
633.
Definitions of Engineering Service Priority
and Local / Remote Locations v 2.0 dated
21 January 2009
POINQ0008250F
FUJ00002079
634.
Definitions of Engineering Service Priority
and Local / Remote Locations v 3.0 dated
15 June 2012
POINQ0008615F
FUJ00002444
635.
POA Customer Service Major Incident
Process v 2.0 dated 2 September 2008
POINQ0086225F
FUJ00080054
636.
RMGA Customer Service Major Incident
Process v 3.0 dated 7 July 2009
POINQ0086242F
FUJ00080071
637.
POA Customer Service Major Incident
Process v 4.0 dated 26 March 2010
POINQ0086280F
FUJ00080109
638.
POA Customer Service Major Incident
Process v 5.0 dated 7 June 2010
POINQ0086287F
FUJ00080116
639.
POA Customer Service Major Incident
Process v 6.0 dated 14 September 2010
POINQ0086360F
FUJ00080189
640.
POA Operations Major Incident Procedure v
7.0 dated 16 January 2012
POINQ0086393F
FUJ00080222
641.
POA Operations Major Incident Procedure v
8.0 dated 18 October 2013
POINQ0086410F
FUJ00080239
642.
POA Operations Major Incident Procedure v
9.0 dated 15 August 2014
POINQ0126253F
FUJ00120061
643.
POA Operations Major Incident Procedure v
12.0 dated 19 July 2016
POINQ0086547F
FUJ00080376
644.
POA Operations Major Incident Procedure v
13.0 dated 12 January 2017
POINQ0086552F
FUJ00080381
645.
POA Operations Major Incident Procedure v
14.0 dated 12 September 2017
POINQO086565F
FUJ00080394
646.
POA Operations Major Incident Procedure v
15.0 dated 24 January 2019
POINQ0241083F
FUJ00234966
Page 193 of 218
WITN06650400
WITN06650400
Exhibit I Document description Control No. URN
no.
647. POA Operations Major Incident Procedure v I POINQ0241084F I FUJ00234967
16.0 dated 2 April 2020
648. POA Operations Major Incident Procedure v I POINQ0241085F I FUJ00234968
17.0 dated 7 April 2020
649. POA Operations Major Incident Procedure v I POINQ0241086F I FUJ00234969
18.0 dated 3 June 2020
650. POA Operations Major Incident Procedure v I POINQ0241087F I FUJ00234970
19.0 dated 17 June 2020
651. POA Operations Major Incident Procedure v I POINQ0241088F I FUJ00234971
20.0 dated 1 September 2020
652. POA Operations Major Incident Procedure v I POINQ0241089F I FUJ00234972
21.0 dated 31 December 2020
653. POA Operations Major Incident Procedure v I POINQ0241090F I FUJ00234973
22.0 dated 19 January 2021
654. POA Operations Major Incident Procedure v I POINQ0241091F I FUJ00234974
23.0 dated 7 April 2021
655. POA Operations Major Incident Procedure v I POINQ0241092F I FUJ00234975
24.0 dated 5 June 2021
656. POA Operations Major Incident Procedure v I POINQ0241093F I FUJ00234976
25.0 dated 8 September 2021
657. POA Operations Major Incident Procedure v I POINQ0241094F I FUJ00234977
26.0 dated 24 February 2023
658. Service Description for AP Client File POINQ0238667F FUJ00232524
Resend Service v 2.0 dated 20 December
2002
659. Service Description for AP Client File POINQ0007980F I FUJ00001809
Resend Service v 3.0 dated 16 June 2003
660. Service Description for AP Client File POINQ0008051F I FUJ00001880
Resend Service v 4.0 dated 17 May 2004
661. Service Description for AP Client File POINQ0008119F I FUJ00001948
Resend Service v 5.0 dated 13 April 2005
662. Service Description for AP Client File POINQ0008174F I FUJ00002003
Resend Service v 6.0 dated 12 April 2006
663. Service Description for AP Client File POINQ0238751F I FUJ00232608
Resend Service v 7.0 dated 26 November
2008
664. HNG-X Business Continuity Framework v POINQ0008413F I FUJ00002242
2.0 dated 3 September 2010
665. POA HNG-X Business Continuity POINQ0008964F I FUJ00002793
Framework v 3.0 dated 23 March 2015
666. POA HNG-X Business Continuity POINQO0009399F I FUJ00003228
Framework v 4.0 dated 22 December 2016
667. POLSAP Hosting Service: Joint Working POINQ0126667F I FUJ00120475
Document v 1.0 dated 7 October 2010
668. POLSAP Hosting Service: Joint Working POINQ0126668F I FUJ00120476
Document (Operational Level Agreement) v
2.0 dated 4 November 2010
Page 194 of 218
WITN06650400
WITN06650400
Exhibit
no.
Document description
Control No.
URN
669.
POLSAP Hosting Service: Joint Working
Document (Operational Level Agreement) v
3.0 dated 6 March 2014
POINQ0126669F
FUJ00120477
670.
POLSAP Hosting Service, Service
Description v 4.0 dated 27 July 2018
POINQO0009506F
FUJ00003335
671.
POLSAP Hosting Service, Service
Description withdrawn on 1 October 2019
POINQ0241122F
FUJ00235005
672.
Operational Level Agreement for 4th line
support of HNGX v 9 dated 7 October 2009
POINQ0238756F
FUJ00232613
673.
Operational Level Agreement for Application
4th Line Support of HNGX (withdrawn on 2
April 2020)
POINQ0241082F
FUJ00234965
674.
Operational Level Agreement for 4th Line
Support of HNGX v 1.0 dated 14 January
2010
POINQ0086254F
FUJ00080083
675.
ICL Pathway/POCL Interface Agreement for
Operational Business Change - Product v
1.0 dated 25 June 1999
POINQ0238580F
FUJ00232437
676.
ICL Pathway/POCL Interface Agreement for
Operational Business Change - Product v
2.0 dated 8 July 1999
POINQ0238582F
FUJ00232439
677.
ICL Pathway / POCL Interface Agreement
for Operational Business Change - Product
v 3.0 dated 20 January 2000
POINQ0007537F
FUJ00001366
678.
ICL Pathway / PON Interface Agreement for
Operational Business Change - Product v
4.0 dated 11 December 2000
POINQ0238605F
FUJ00232462
679.
ICL Pathway / PON Interface Agreement for
Operational Business Change - Product v
5.0 dated 9 January 2001
POINQ0238607F
FUJ00232464
680.
ICL Pathway / PON Interface Agreement for
Operational Business Change - Product v
6.0 dated 13 July 2001
POINQ0238621F
FUJ00232478
681.
ICL Pathway / PON Interface Agreement for
Operational Business Change - Product v
7.0 dated 28 August 2001
POINQ0238623F
FUJ00232480
682.
Fujitsu Services (Pathway) Ltd / Post Office
Ltd Interface Agreement for Operational
Business Change - Product v 8.0 dated 30
September 2002
POINQ0238661F
FUJ00232518
683.
Fujitsu Services (Pathway) Ltd / Post Office
Ltd Interface Agreement for Operational
Business Change - Product v 9.0 dated 30
October 2002
POINQ0007856F
FUJ00001685
684.
Fujitsu Services (Pathway) Ltd / Post Office
Ltd Interface Agreement for Operational
Business Change - Product v 10.0 dated 20
December 2002
POINQ0238665F
FUJ00232522
Page 195 of 218
WITN06650400
WITN06650400
Exhibit
no.
Document description
Control No.
URN
685.
Fujitsu Services / Post Office Ltd Interface
Agreement for Operational Business
Change - Reference Data v 11.0 dated 27
November 2003
POINQ0008004F
FUJ00001833
686.
Fujitsu Services / Post Office Ltd Interface
Agreement for Operational Business
Change - Reference Data v 12.0 dated 24
August 2005
POINQ0238688F
FUJ00232545
687.
Fujitsu Services / Post Office Ltd Interface
Agreement for Operational Business
Change - Reference Data v 13.0 dated 22
February 2006
POINQ0008160F
FUJ00001989
688.
Fujitsu Services / Post Office Ltd Interface
Agreement for Operational Business
Change - Reference Data v 14.0 dated 17
July 2007
POINQ0008225F
FUJ00002054
689.
Fujitsu Services / Post Office Ltd Interface
Agreement for Operational Business
Change - Reference Data v 15.0 dated 3
June 2010
POINQ0008348F
FUJ00002177
690.
Fujitsu Services / Post Office Ltd Interface
Agreement for Operational Business
Change - Reference Data v 16.0 dated 8
June 2011
POINQ0008590F
FUJ00002419
691.
Fujitsu Services / Post Office Ltd Interface
Agreement for Operational Business
Change - Reference Data v 17.0 dated 6
September 2013
POINQ0008664F
FUJ00002493
692.
Fujitsu Services / Post Office Ltd Interface
Agreement for Operational Business
Change - Reference Data v 18.0 dated 10
October 2016
POINQ0009312F
FUJ00003141
693.
General Testing Policy v 1.0 dated 1 May
1996
POINQ0125697F
FUJ00119498
694.
General Testing Policy v 2.0 dated 30
September 1996
POINQ0007699F
FUJ00001528
695.
Testing & Integration Strategy v 2.0 dated
30 September 1996
POINQ0007444F
FUJ00001273
696.
Testing & Integration Strategy v 1.0 dated 1
May 1996
POINQ0125698F
FUJ00119499
697.
Testing and Integration Strategy v 3.0 dated
16 July 2002
POINQ0007844F
FUJ00001673
698.
POA End-To-End Customer Complaints
Procedure - Joint Working Document v 1.0
dated 6 November 2006
POINQ0086171F
FUJ00080000
699.
RMGA End-To-End Customer Complaints
Procedure - Joint Working Document v 2.0
dated 24 December 2007
POINQ0086205F
FUJ00080034
Page 196 of 218
WITN06650400
WITN06650400
Exhibit I Document description Control No. URN
no.
700. POA Customer Service End-to-End POINQ0086498F I FUJ00080327
Customer Complaints Procedure v 4.0
dated 12 January 2016
701. POA Customer Service End-to-End POINQ0241095F I FUJ00234978
Customer Complaints Procedure v 5.0
dated 10 February 2023
702. HNG-X Testing Strategy v 1.0 dated 21 POINQ0238713F I FUJ00232570
March 2006
703. HNG-X Testing Strategy v 2.0 dated 10 POINQ0238730F I FUJ00232587
April 2008
704. Approach to Testing for Project HNG-X v POINQ0238704F I FUJ00232561
1.0 dated 20 December 2006
705. Approach to Testing for Project HNG-X v POINQ0008235F I FUJ00002064
2.0 dated 10 April 2008
706. HNG-X Support Services Business POINQ0238801F I FUJ00232658
Continuity Plan v 2.0 dated 15 October
2014
707. Management Information Service - Joint POINQ0160862F I FUJ00154667
Working Document v 0.1 dated 3 October
2007
708. Transaction Time Benchmarking Process v_ I POINQ0238794F I FUJ00232651
1.0 dated 17 July 2009
709. Network Banking End to End Reconciliation I POINQ0238629F I FUJ00232486
Reporting v 1.0 dated 19 December 2001
710. Network Banking End to End Reconciliation I POINQ0238631F I FUJ00232488
Reporting v 2.0 dated 21 January 2002
711. Network Banking End to End Reconciliation I POINQ0007838F I FUJ00001667
Reporting v 4.0 dated 29 July 2002
712. Network Banking End to End Reconciliation I POINQ0007858F I FUJ00001687
Reporting v 4.1 dated 4 November 2002
713. Network Banking End to End Reconciliation I POINQ0007911F I FUJ00001740
Reporting v 5.0 dated 29 December 2002
714. Network Banking End to End Reconciliation I POINQ0008013F I FUJ00001842
Reporting v 6.0 dated 24 December 2003
715. Network Banking End to End Reconciliation I POINQ0008079F I FUJ00001908
Reporting v 7.0 dated 15 November 2004
716. End to End Reconciliation Reporting v 1.0 POINQ0086195F I FUJ00080024
dated 2 February 2007
717. End to End Reconciliation Reporting v 2.0 POINQ0086384F I FUJ00080213
dated 22 June 2011
718. End to End Reconciliation Reporting v 3.0 POINQ0086397F I FUJ00080226
dated 4 May 2012
719. End to End Reconciliation Reporting v 4.0 POINQ0086557F I FUJ00080386
dated 4 September 2017
720. End to End Reconciliation Reporting v 5.0 POINQ0009617F I FUJ00003446
dated 23 April 2020
721. End to End Reconciliation Reporting v 6.0 POINQ0241121F I FUJ00235004
dated 14 December 2022
Page 197 of 218
Varied and
Restated
Agreements
Appendix - Operational Services
A. Service Desk Service
Schedule
4
, paragraph 2.1, Row
Horizon Systems Helpdesk:
Service Description
(CS/SER/002)387
Agreement (CS/IFS/007)388
POA Incident Management
Process (CS/PRD/074)#®9
Data Centre Operations Service
(CS/SER/007)3%°
CSR+ Horizon System
Helpdesk Processes and
Procedures Description’
(CS/PRO/092)9"
WITNO6650400
WITN06650400
Schedule 15, Annex 1,
Paragraph 3 (“Service Level
Targets for which No Liquidated
Damages Apply”)
Service Level Targets for
Horizon Services
(SRP/MTG/007)322
387 FUJ00080428 (v 1.0 dated 20 December 2002)
388 FUJ00080405 (v 1.0 dated 25 February 2000); FUJ00080406 (v 2.0 dated 13 July 2000); FUJ00080421 (v 3.0 dated 25 September 200); FUJ00080444 (v
4.0 dated 1 July 2003); FUJ00080449 (v 5.0 dated 22 September 2004)
389 FUJ00079865 (v 1.0 dated 13 November 2000); FUJ00079937 (v 2.0 dated 20 January 2005); FUJ00079939 (v 3.0 dated 23 March 2005); FUJ00079968
(v 4.0 dated 2 August 2005)
399 FUJ00001733 (v 1.0 dated 20 December 2002); FUJ00001925 (v 2.0 dated 8 February 2005)
381 FUJ00001761 (v 5.0 dated 25 March 2003)
392 FUJ00232507 (v 1.0 dated 5 December 2002); FUJ00232544 (v 3.0 dated 19 August 2005)
Page 198 of 218
WITNO6650400
WITN06650400
‘I Liquidated Damages
‘I Service Description
Dee ne Provisions
2. Horizon Online : Schedule B3.1, paragraph 21 7 ‘Data Centre Operations Schedule B4.4, Annex 1,
Agreements Row 1 Service: Service Description Paragraph 2 (“Service Levels
(SVM/SDM/SD/0003)3% for which No Liquidated
Service Desk Service: Service Damages Apply”)
Description POA Incident Management
(SVM/SDM/SD/0001)293 Process Service Desk Service: Service
(SVM/SDM/PRO/0018)295 Description
(SVM/SDM/$D/0001)°2”,
Service Desk Joint Working Sections 2.3 (“Service Levels
Document and Remedies”) and 4.1
(SVM/SDM/PRO/0021)39° (“Service Definition”)
Service Level Target &
Liquidated Damages Exclusions
(SVM/SDM/PRO/0006), 3%
393 FUJ00080457 (v 1.0 dated 31 August 2006); FUJ00080471 (v 2.0 dated 29 September 2008); FUJ00080475 (v 3.0 dated 20 August 2010); FUJ00080477
(v 4.0 dated 16 September 2010); FUJ00080483 (v 5.0 dated 29 April 2013); FUJ00080484 (v 6.0 dated 12 March 2014)
3°4 FUJ00088181 (v 1.0 dated 31 August 2006); FUJ00232611 (v 2.0 dated 30 July 2009); FUJ00232612 (v 3.0 dated 8 October 2009); FUJ00088870 (v 4.0
dated 13 December 2013); FUJ00088896 (v 5.0 dated 4 February 2014); FUJ00089544 (v 6.0 dated 29 November 2016); FUJ00234994 (v 7.0 dated 23 June
2022); FUJ00234995 (v 8.0 dated 7 July 2023); FUJ00243145 (v 9.0 dated 30 May 2024)
385 FUJ00080003 (v 1.0 dated 6 November 2006); FUJ00080027 (v 2.0 dated 2 April 2007); FUJ00120051 (v 3.0 dated 28 July 2009); FUJ00080076 (v 4.0
dated 3 August 2009); FUJ00080205 (v 6.0 dated 29 November 2016); FUJ00080244 (v 6.0 dated 13 November 2013); FUJ00080298 (v 7.0 dated 17 July
2014); FUJ00080370 (v 8.0 dated 12 July 2016); FUJ00080388 (v 9.0 dated 12 September 2017); FUJ00234981 (v 10.0 dated 29 January 2019); FUJ00234982
(v 11.0 dated 18 June 2020); FUJ00234983 (v 12.0 dated 15 July 2020); FUJ00234984 (v 13.0 dated 1 September 2020); FUJ00234985 (v 14.0 dated 21
January 2021); FUJ00234986 (v 15.0 dated 5 July 2021); FUJ00234987 (v 16.0 dated 8 September 2021); FUJ00234988 (v 17.0 dated 24 February 2023);
FUJ00234989 (v 18.0 dated 15 January 2024)
396 FUJ00080459 (v 1.0 dated 27 July 2007); FUJ00080096 (v 2.0 dated 4 September 2008); FUJ00080485 (v 3.0 dated 27 February 2014)
387 FUJ00080457 (v 1.0 dated 31 August 2006); FUJ00080471 (v 2.0 dated 29 September 2008); FUJ00080475 (v 3.0 dated 20 August 2010); FUJ00080477
(v 4.0 dated 16 September 2010); FUJ00080483 (v 5.0 dated 29 April 2013); FUJ00080484 (v 6.0 dated 12 March 2014)
398 FUJ00002051 (v 1.0 dated 19 June 2007); FUJ00002058 (v 2.0 dated 20 November 2007); FUJ00002085 (v 3.0 dated 18 March 2009); FUJ00002334 (v
4.0 dated 15 December 2010); FUJ00002451 (v 5.0 dated 14 January 2013); FUJ00002571 (v 6.0 dated 26 February 2014)
Page 199 of 218
WITNO6650400
WITN06650400
withdrawn on 3 December
2021599
399 FUJ00234979 (v WD dated 3 December 2021)
Page 200 of 218
B. Engineering Service
WITNO6650400
WITN06650400
Varied a'
Restated
Agreements
chedul , Paragraph 2.1,
Table A Row 3
Engineer Service: Service
Description (CS/SER/005)*°
tre Operati
(CS/SER/007)4°
hedule 15, At ;
Paragraph 2 (“Service Level
Targets for which Liquidated
Damages Apply”)
Schedule 15, Annex 1,
Paragraph 3 (“Service Level
Targets for which No Liquidated
Damages Apply”)
Service Level Targets for
Horizon Services
(SRP/MTG/007)402
2. I Horizon Online Schedule B3.1, Paragraph 2.1, Definitions of Engineering Schedule C1
Agreements Table A, Row 2 Service Priority and
Local/Remote Locations Engineering Service: Service
(SVM/SDM/PRO/0004)4% Description
(SVM/SDM/SD/0002)*%,
sections 2.3 (“Service Levels
400 FUJ00001732 (v 1.0 dated 19 December 2002); FUJ00001802 (v 2.0 dated 15 May 2003)
401 FUJ00001733 (v 1.0 dated 20 December 2002); FUJ00001925 (v 2.0 dated 8 February 2005)
402 FUJ00232507 (v 1.0 dated 5 December 2002); FUJ00232544 (v 3.0 dated 19 August 2005)
404 FUJ00002043 (v 1.0 dated 6 February 2007); FUJ00002079 (v 2.0 dated 21 January 2009); FUJ00002444 (v3.0 dated 15 June 2012)
406 FUJ00002021 (v 1.0 dated 31 August 2006); FUJ00002041 (v 2.0 dated 28 February 2007); FUJ00002080 (v 3.0 dated 25 November 2008); FUJ00002277
(v 4.0 dated 26 November 2010); FUJ00002445 (v 5.0 dated 3 July 2012); FUJ00002545 (v 6.0 dated 29 October 2013)
Page 201 of 218
WITNO6650400
WITNO06650400
Engineering Service: ‘Service POA Customer Service Major and Remedies ) and 41
Description Incident Process (“Service Definition”)
(SVM/SDM/SD/0002)4° (SVM/SDM/PRO/0001)4°>
Definitions of Engineering
Service Priority and
Local/Remote Locations
Process
(SVM/SDM/PRO/0004)*°”
Service Level Target &
Liquidated Damages Exclusions
(SVM/SDM/PRO/0006), #2
withdrawn on 3 December
2021409
403 FUJ00002021 (v 1.0 dated 31 August 2006); FUJ00002041 (v 2.0 dated 28 February 2007); FUJ00002080 (v 3.0 dated 25 November 2008); FUJ00002277
(v 4.0 dated 26 November 2010); FUJ00002445 (v 5.0 dated 3 July 2012); FUJ00002545 (v 6.0 dated 29 October 2013)
405 FUJ00080054 (v 2.0 dated 2 September 2008); FUJ00080071 (v 3.0 dated 7 July 2009); FUJ00080109 (v 4.0 dated 26 March 2010); FUJ00080116 (v 5.0
dated 7 June 2010); FUJ00080189 (v 6.0 dated 14 September 2010); FUJ00080222 (v 7.0 dated 16 January 2012); FUJ00080239 (v 8.0 dated 18 October
2013); FUJ00120061 (v 9.0 dated 15 August 2014); FUJ00080376 (v 12.0 dated 19 July 2016); FUJ00080381 (v 13.0 dated 12 January 2017); FUJ00080394
(v 14.0 dated 12 September 2017); FUJ00234966 (v 15.0 dated 24 January 2019); FUJ00234967 (v 16.0 dated 2 April 2020); FUJ00234968 (v 17.0 dated 7
April 2020); FUJ00234969 (v 18.0 dated 3 June 2020); FUJ00234970 (v 19.0 dated 17 June 2020); FUJ00234971 (v 20.0 dated 1 September 2020);
FUJ00234972 (v 21.0 dated 31 December 2020); FUJ00234973 (v 22.0 dated 19 January 2021); FUJ00234974 (v 23.0 dated 7 April 2021); FUJ00234975 (v
24.0 dated 5 June 2021); FUJ00234976 (v 25.0 dated 8 September 2021); FUJ00234977 (v 26.0 dated 24 February 2023)
407 FUJ00002043 (v 1.0 dated 6 February 2007); FUJ00002079 (v 2.0 dated 21 January 2009); FUJ00002444 (v 3.0 dated 15 June 2012)
408 FUJ00002051 (v 1.0 dated 19 June 2007); FUJ00002058 (v 2.0 dated 20 November 2007); FUJ00002085 (v 3.0 dated 18 March 2009); FUJ00002334 (v
4.0 dated 15 December 2020); FUJ00002451 (v 5.0 dated 14 January 2013); FUJ00002571 (v 6.0 dated 26 February 2014)
408 FUJ00234979 (v WD dated 3 December 2021
Page 202 of 218
C. Third Line Support Service
WITNO6650400
WITNO06650400
Varied a'
Restated
Agreements
chedul
19, Paragraph
Table A, Row 10
Service Description for Third Line
Software Support Service
(CS/SER/009)4"°
on System:
Service Description
(CS/SER/002)*""
Ipdesk:
Engineer Service: Service
Description (CS/SER/005)*12
Service Management Service:
Service Description
(CS/SER/014)4"3
Service Description for AP
Client File Resend Service
(CS/SER/013)4%4
2. I Horizon Online
Agreements
Schedule B3.1, Paragraph 2.1,
Table A, Row 9
Service Desk Service: Service
Description
(SVM/SDM/SD/0001)41°
Third Line Support Service:
Service Description
410 FUJ00120470 (v 1.0 dated 19 December 2002)
411 FUJ00080428 (v 1.0 dated 20 December 2002)
412 FUJ00001732 (v 1.0 dated 19 December 2002) and FUJ00001802 (v 2.0 dated 15 May 2003)
413 FUJ00120444 (v 1.0 dated 31 December 2002)
414 FUJ00232524 (v 2.0 dated 20 December 2002); FUJ00001809 (v 3.0 dated 16 June 2003); FUJ00001880 (v 4.0 dated 17 May 2004); FUJ00001948 (v 5.0
dated 13 April 2005); FUJ00002003 (v 6.0 dated 12 April 2006); FUJ00232608 (v 7.0 dated 26 November 2008)
416 FUJ00080457 (v 1.0 dated 31 August 2006); FUJ00080471 (v 2.0 dated 29 September 2008); FUJ00080475 (v 3.0 dated 20 August 2010); FUJ00080477
(v 4.0 dated 16 September 2010); FUJ00080483 (v 5.0 dated 29 April 2013); FUJ00080484 (v 6.0 dated 12 March 2014).
Page 203 of 218
WITNO6650400
WITN06650400
(SVM/SDM/SD/0004)*,
Third Line Support Service:
Service Description Engineering Service: Service Section 2.3 (“Service Levels
(SVM/SDM/SD/0004)*15 Description and Remedies”)
(SVM/SDM/SD/0002)*"”
Application Support Service
(Fourth Line): Service
Description
(SVM/SDM/SD/0005)4"®
Systems Management Service:
Service Description
(SVM/SDM/SD/0006)*19
418 FUJ00002023 (v 1.0 dated 31 August 2006); FUJ00002081 (v 2.0 dated 4 September 2008); FUJ00002233 (v 3.0 dated 9 August 2010); FUJ00002453 (v
4.0 dated 18 February 2013); FUJ00002474 (v 5.0 dated 24 May 2013); FUJ00003471 (v 6.0 dated 6 October 2021); FUJ00234996 (v 7.0 dated 12 March
2024)
417 FUJ00002021 (v 1.0 dated 31 August 2006); FUJ00002041 (v 2.0 dated 28 February 2007); FUJ00002080 (v 3.0 dated 25 November 2008); FUJ00002277
(v 4.0 dated 26 November 2010); FUJ00002445 (v 5.0 dated 3 July 2012); FUJ00002545 (v 6.0 dated 29 October 2013)
418 FUJ00079997 (v 1.0 dated 24 August 2006); FUJ00080067 (v 2.0 dated 4 September 2008); FUJ00120473 (v 3.0 dated 29 October 2009); FUJ00080125
(v 4.0 dated 24 August 2010); FUJ00080235 (v 5.0 dated 13 September 2013); FUJ00080293 (v 6.0 dated 13 March 2014); FUJ00080379 (v 7.0 dated 29
November 2016); FUJ00003475 (v 8.0 dated 22 November 2021); FUJ00234997 (v 9.0 dated 5 April 2024)
419 FUJ00002024 (v 1.0 dated 31 August 2006); FUJ00002101 (v 2.0 dated 26 August 2009); FUJ00002540 (v 3.0 dated 17 October 2013); FUJ00002573 (v
4.0 dated 16 April 2014); FUJ00003034 (v 5.0 dated 12 November 2015); FUJ00003247 (v 6.0 dated 20 July 2017); FUJ00232747 (v 7.0 dated 28 September
2021); FUJ00234998 (v 8.0 dated 14 March 2024)
422 FUJ00002023 (v 1.0 dated 31 August 2006); FUJ00002081 (v 2.0 dated 4 September 2008); FUJ00002233 (v 3.0 dated 9 August 2010); FUJ00002453 (v
4.0 dated 18 February 2013); FUJ00002474 (v 5.0 dated 24 May 2013)
Page 204 of 218
WITNO6650400
WITNO06650400
Service Management Service:
Service Description
(SVM/SDM/SD/0007)42°
HNG-X Business Continuity
Framework
(SVM/SDM/SIP/0001)42!
420 FUJ00002025 (v 1.0 dated 24 August 2006); FUJ00002269 (v 2.0 dated 5 November 2010); FUJ00002511 (v 3.0 dated 19 September 2013); FUJ00002551
(v 4.0 dated 21 November 2013); FUJ00003151 (v 5.0 dated 30 November 2016); FUJ00003441 (v 6.0 dated 17 January 2020); FUJ00003474 (v 7.0 dated 8
November 2021); FUJ00234999 (v 8.0 dated 13 December 2023)
421 FUJ00002242 (v 2.0 dated 3 September 2010); FUJ00002793 (v 3.0 dated 23 March 2015); FUJ00003228 (v 4.0 dated 22 December 2016)
Page 205 of 218
1. Varied and—
Restated
Agreements
D. Fourth Line Support Service
‘Schedule 1 (Definition of Terms)
Schedule 20, Paragraphs 2.1 and
5.2
Not applicable
: Not applicable
WITNO6650400
WITNO06650400
2. I Horizon Online
Agreements
Schedule B3.1, Paragraph 2.1,
Table A, Row 14
Application Support Service
(Fourth Line): Service Description
(SVM/SDM/SD/0005)425
POLSAP Hosting Service:
Service Description
(SVM/SDM/SD/2191)424
Operational Level Agreement
for Application 4th line support
of HNGX
(SVM/SDM/OLA/0017), 42°
withdrawn on 2 April 2020426
Application Support Service
(Fourth Line): Service
Description
(SVM/SDM/SD/0005), Section
2.3 (“Service Levels and
Remedies’”)*2”
423 FUJ00079997 (v 1.0 dated 24 August 2006); FUJ00080067 (v 2.0 dated 4 September 2008); FUJ00120473 (v 3.0 dated 29 October 2009); FUJ00080125
(v 4.0 dated 24 August 2005); FUJ00080235 (v 5.0 dated 13 September 2013); FUJ00080293 (v 6.0 dated 13 March 2014); FUJ00080379 (v 7.0 dated 29
November 2016); FUJ00003475 (v 8.0 dated 22 November 2021); FUJ00234997 (v 9.0 dated 5 April 2024)
424 FUJ00120475 (v 1.0 dated 7 October 2010); FUJ00120476 (v 2.0 dated 4 November 2010); FUJ00120477 (v 3.0 dated 6 March 2014); FUJ00003335 (v
4.0 dated 27 July 2018), withdrawn on 1 October 2019 (FUJ00235005)
425 FUJ00080083 (v 1.0 dated 14 January 2010); FUJ00080232 (v 2.0 dated 5 April 2013); FUJ00232613 (v 6.0 dated 13 March 2014)
426 FUJ00234965 (withdrawn on 2 April 2020)
427 FUJ00079997 (v 1.0 dated 24 August 2006); FUJ00080067 (v 2.0 dated 4 September 2008); FUJ00080125 (v 4.0 dated 24 August 2010); FUJ00080235 (v
5.0 dated 13 September 2013); FUJ00080293 (v 6.0 dated 13 March 2014); FUJ00080379 (v 7.0 dated 29 November 2016); FUJ00120473 (v 3.0 dated 29
October 2009)
Page 206 of 218
E. Service Management Service
WITNO6650400
WITN06650400
Varied and Schedule 19, Paragraph 2.1, I Service Description for Security I Schedule 15, Paragraph 6
Restated Table A, Row 13 Management Service
Agreements (CS/SER/016)429 Schedule 15, Annex 3,
Service Management Service:
Service Description
(CS/SER/014)428
Interface Agreement for the
Problem Management Interface
Paragraphs 1 and 2
Service Level Targets for
Horizon Services
CS/IFS/008)4°
( Y (SRP/MTG/007)436
Fujitsu Services (Pathway)
Ltd/Post Office Ltd Interface
Agreement for Operational
Business Change-Reference
Data (CS/PRD/058)*9"
428 FUJ00120444 (v 1.0 dated 31 December 2002)
429 FUJ00001743 (v 1.0 dated 6 January 2003); FUJ00172022 (v 2.0 dated 2 December 2004); FUJ00232550 (v 3.0 dated 6 March 2006)
430 FUJ00079886 (v 1.0 dated 23 December 2002)
431 FUJ00232437 (v 1.0 dated 26 June 1999); FUJ00232439 (v 2.0 dated 8 July 1999); FUJ00001366 (v 3.0 dated 12 January 2000); FUJ00232462 (v 4.0
dated 11 December 2000); FUJ00232464 (v 5.0 dated 9 January 2001); FUJ00232478 (v 6.0 dated 13 July 2001); FUJ00232480 (v 7.0 dated 28 August 2001);
FUJ00232518 (v 8.0 dated 30 September 2002); FUJ00001685 (v 9.0 dated 30 October 2002); FUJ00232522 (v 10.0 dated 20 December 2002); FUJ00001833
(v 11.0 dated 27 November 2003); FUJ00232545 (v 10.0 dated 20 December 2002); FUJ00001989 (v 13.0 dated 22 February 2006); FUJ00002054 (v 14.0
dated 17 July 2007); FUJ00002177 (v 15.0 dated 3 June 2010); FUJ00002419 (v 16.0 dated 8 June 2011); FUJ00002493 (v 17.0 dated 6 September 2013);
FUJ00003141 (v 18.0 dated 10 October 2010)
436 FUJ00232507 (v 1.0 dated 5 December 2002); FUJ00232544 (v 3.0 dated 19 August 2005)
Page 207 of 218
WITNO6650400
WITN06650400
Pathway Release Policy
(PAISTR/003)"2
General Testing Policy
(VI/POL/001)433
Testing and Integration Strategy
(VIISTR/001 454
End to End Customer
Complaints Procedure
(CS/PRD/081)*95
2. I Horizon Online Schedule B3.1, Paragraph 2.1, Fujitsu Services (Pathway) Schedule C1
Agreements Table A, Row 11 Ltd/Post Office Ltd Interface
Agreement for Operational Service Level Target &
Business Change-Reference Liquidated Damages Exclusions
Data (CS/PRD/058)*°5 (SVM/SDM/PRO/0006), “46
432 FUJ00232424 (v 1.0 dated 26 November 1996; FUJ00232433 (v 2.0 dated 29 March 1999); FUJ00232435 (v 3.0 dated 28 June 1999); FUJ00232441 (v 4.0
dated 14 July 1999); FUJ00118128 (draft v 5.0 dated 16 July 1999)
433 FUJ00119498 (v 1.0 dated 1 May 199% UJ00001528 (v 2.0 dated 30 September 1996)
434 FUJ00119499 (v 1.0 dated 1 May 1996); FUJ00001273 (v 2.0 dated 30 September 1996); FUJ00001673 (v 3.0 dated 16 July 2002)
435 FUJ00079826 (v 1.0 dated 5 September 2000)
438 FUJ00232437 (v 1.0 dated 26 June 1999); FUJ00232439 (v 2.0 dated 8 July 1999); FUJ00001366 (v 3.0 dated 12 January 2000); FUJ00232462 (v 4.0
dated 11 December 2000); FUJ00232464 (v 5.0 dated 9 January 2001); FUJ00232478 (v 6.0 dated 13 July 2001); FUJ00232480 (v 7.0 dated 28 August 2001);
FUJ00232518 (v 8.0 dated 30 September 2002); FUJ00001685 (v 9.0 dated 30 October 2002); FUJ00232522 (v 10.0 dated 20 December 2002); FUJ00001833
(v 11.0 dated 27 November 2003); FUJ00232545 (v 10.0 dated 20 December 2002); FUJ00001989 (v 13.0 dated 22 February 2006); FUJ00002054 (v 14.0
dated 17 July 2007); FUJ00002177 (v 15.0 dated 3 June 2010); FUJ00002419 (v 16.0 dated 8 June 2011); FUJ00002493 (v 17.0 dated 6 September 2013);
FUJ00003141 (v 18.0 dated 10 October 2010)
448 FUJ00002051 (v 1.0 dated 19 June 2007); FUJ00002058 (v 2.0 dated 20 November 2007); FUJ00002085 (v 3.0 dated 18 March 2009); FUJ00002334 (v
4.0 dated 15 December 2010); FUJ00002451 (v 5.0 dated 14 January 2013); FUJ00002571 (v 6.0 dated 26 February 2014)
Page 208 of 218
WITNO6650400
WITN06650400
Service Management Service: withdrawn on 3 December
Service Description Interface Agreement for the 2021447
(SVM/SDM/SD/0007)*9” Problem Management Interface
(CS/IFS/008)49
Security Management Service:
Service Description
(SVM/SDM/SD/0017)*4°
Data Centre Operations
Service: Service Description
(SVM/SDM/SD/0003)*4"
End to End Customer
Complaints Procedure
(SVM/SDM/PRO/0003)442
437 FUJ00002025 (v 1.0 dated 24 August 2006); FUJ00002269 (v 2.0 dated 5 November 2010); FUJ00002511 (v 3.0 dated 19 September 2013); FUJ00002551
(v 4.0 dated 21 November 2013); FUJ00003151 (v 5.0 dated 30 November 2016); FUJ00003441 (v 6.0 dated 17 January 2020); FUJ00003474 (v 7.0 dated 8
November 2021); FUJ00234999 (v 8.0 dated 13 December 2023)
439 FUJ00079886 (v 1.0 dated 23 December 2002)
440 FUJ00088683 (v 3.0 dated 15 October 2010); FUJ00088868 (v 3.5 dated 25 November 2013); FUJ00088869 (v 4.0 dated 4 December 2013);
FUJ00088897 (v 5.0 dated 4 April 2014); FUJ00089152 (v 6.0 dated 21 May 2015); FUJ00232973 (v 8.0 dated 23 April 2023); FUJ00235003 (v 9.0 dated 25
September 2023)
441 FUJ00088181 (v 1.0 dated 31 August 2006); FUJ00232611 (v 2.0 dated 30 July 2009); FUJ00232612 (v 3.0 dated 8 October 2009); FUJ00088870 (v 4.0
dated 13 December 2013); FUJ00088896 (v 5.0 dated 4 February 2014); FUJ00089544 (v 6.0 dated 29 November 2016); FUJ00234994 (v 7.0 dated 23 June
2022); FUJ00234995 (v 8.0 dated 7 July 2023); FUJ00243145 (v 9.0 dated 30 May 2024)
442 FJ00080000 (v 1.0 dated 6 November 2006); FUJ00080034 (v 2.0 dated 24 December 2007); FUJ00080327 (v 4.0 dated 12 January 2016); FUJ00234978
(v 5.0 dated 10 February 2023)
447 FUJ00234979 (withdrawn on 3 December 2021)
Page 209 of 218
WITNO6650400
WITNO06650400
Fujitsu Services RMG BU
Release Policy (PA/STR/003)“43
HNG-X Testing Strategy
(TST/GEN/STG/0001)444
Testing Approach for HNG-X
(TST/GEN/STG/0002)*4°
443 FUJ00232424 (v 1.0 dated 26 November 1996); FUJ00232433 (v 2.0 dated 29 March 1999); FUJ00232435 (v 3.0 dated 28 June 1999); FUJ00232441 (v
4.0 dated 14 July 1999); FUJ00118128 (draft v 5.0 dated 16 July 1999)
444 FUJ00232570 (v 1.0 dated 21 March 2006); FUJ00232587 (v 2.0 dated 10 April 2008)
45 FUJ00232561 (v 1.0 dated 20 December 2006); FUJ00002064 (v 2.0 dated 10 April 2008)
Page 210 of 218
Varied and
Restated
Agreements
E. Systems Management Service
Schedule 19, Paragraph 2.
Table A, Row 7
Service Description for Systems
Management Service
(CS/SER/008)“42
th
Service Management Service
Service Description
(CS/SER/014)“49
CSR+ Horizon System
Helpdesk Processes and
Procedures Description’
(CS/PRO/092)4°°
WITNO6650400
WITN06650400
Service Description for Systems
Management Service
(CS/SER/008), Section 5
(“Service Targets and Limits”)*5"
2. I Horizon Online
Agreements
Schedule B3.1, Paragraph 2.1,
Table A, Row 7
Data Centre Operations
Service: Service Description
(SVM/SDM/SD/0003)*55
Systems Management Service:
Service Description
(SVM/SDM/SD/0006), Section
2.3 (“Service Levels and
Remedies”)*°°
448 FUJ00001734 (v 1.0 dated 18 December 2002)
449 FUJ00120444 (v 1.0 dated 31 December 2002)
480 FUJ00001761 (v 5.0 dated 25 March 2003)
451 FUJ00001734 (v 1.0 dated 18 December 2002)
483 FUJ00088181 (v 1.0 dated 31 August 2006); FUJ00232611 (v 2.0 dated 30 July 2009); FUJ00232612 (v 3.0 dated 8 October 2009); FUJ00088870 (v 4.0
dated 13 December 2013); FUJ00088896 (v 5.0 dated 4 February 2014); FUJ00089544 (v 6.0 dated 29 November 2016); FUJ00234994 (v 7.0 dated 23 June
2022); FUJ00234995 (v 8.0 dated 7 July 2023); FUJ00243145 (v 9.0 dated 30 May 2024)
458 FUJ00002024 (v 1.0 dated 31 August 2006); FUJ00002101 (v 2.0 dated 26 August 2009); FUJ00002540 (v 3.0 dated 17 October 2013); FUJ00002573 (v
4.0 dated 16 April 2014); FUJ00003034 (v 5.0 dated 12 November 2015); FUJ00003247 (v 6.0 dated 20 July 2017); FUJ00232747 (v 7.0 dated 28 September
2021); FUJ00234998 (v 8.0 dated 14 March 2024)
Page 211 of 218
WITNO6650400
WITN06650400
Systems Management Service: Service Management Service:
Service Description Service Description
(SVM/SDM/SD/0006)*°2 (SVM/SDM/SD/0007)*4
Branch Network Service:
Service Description
(SVM/SDM/SD/0011)*°5
POA Customer Service Major
Incident Process
(SVM/SDM/PRO/0001)45°
POA Operations Incident
Management Procedure
(SVM/SDM/PRO/0018)
452 FUJ00002024 (v 1.0 dated 31 August 2006); FUJ00002101 (v 2.0 dated 26 August 2009); FUJ00002540 (v 3.0 dated 17 October 2013); FUJ00002573 (v
4.0 dated 16 April 2014); FUJ00003034 (v 5.0 dated 12 November 2015); FUJ00003247 (v 6.0 dated 20 July 2017); FUJ00232747 (v 7.0 dated 28 September
2021); FUJ00234998 (v 8.0 dated 14 March 2024)
454 FUJ00002025 (v 1.0 dated 24 August 2006); FUJ00002269 (v 2.0 dated 5 November 2010); FUJ00002511 (v 3.0 dated 19 September 2013); FUJ00002551
(v 4.0 dated 21 November 2013); FUJ00003151 (v 5.0 dated 30 November 2016); FUJ00003441 (v 6.0 dated 17 January 2020); FUJ00003474 (v 7.0 dated 8
November 2021); FUJ00234999 (v 8.0 dated 13 December 2023)
485 FUJ00079996 (v 1.0 dated 31 August 2006); FUJ00080023 (v 2.0 dated 28 February 2007); FUJ00080074 (v 3.0 dated 10 June 2009); FUJ00080087 (v
4.0 dated 4 March 2010); FUJ00080252 (v 5.0 dated 25 November 2013); FUJ00080294 (v 6.0 dated 9 May 2014); FUJ00080384 (v 7.0 dated 24 July 2017);
FUJ00080400 (v 8.0 dated 5 March 2018)
45° FUJ00080054 (v 2.0 dated 2 September 2008); FUJ00080071 (v 3.0 dated 7 July 2009); FUJ00080109 (v 4.0 dated 26 March 2010); FUJ00080116 (v 5.0
dated 7 June 2010); FUJ00080189 (v 6.0 dated 14 September 2010); FUJ00080222 (v 7.0 dated 16 January 2012); FUJ00080239 (v 8.0 dated 18 October
2013); FUJ00120061 (v 9.0 dated 15 August 2014); FUJ00080376 (v 12.0 dated 19 July 2016); FUJ00080381 (v 13.0 dated 12 January 2017); FUJ00080394
(v 14.0 dated 12 September 2017); FUJ00234966 (v 15.0 dated 24 January 2019); FUJ00234967 (v 16.0 dated 2 April 2020); FUJ00234968 (v 17.0 dated 7
April 2020); FUJ00234969 (v 18.0 dated 3 June 2020); FUJ00234970 (v 19.0 dated 17 June 2020); FUJ00234971 (v 20.0 dated 1 September 2020);
FUJ00234972 (v 21.0 dated 31 December 2020); FUJ00234973 (v 22.0 dated 19 January 2021); FUJ00234974 (v 23.0 dated 7 April 2021); FUJ00234975 (v
24.0 dated 5 June 2021); FUJ00234976 (v 25.0 dated 8 September 2021); FUJ00234977 (v 26.0 dated 24 February 2023
Page 212 of 218
WITNO6650400
WITNO06650400
HNG-X Operational Test Plan —
Joint Working Document
(SVM/SDM/TP/0001)
HNG-X Support Service
Business Continuity Plan
(SVM/SDM/PLA/0001)45”
487 FUJ00232658 (v 2.0 dated 15 October 2014)
Page 213 of 218
G. Management Information Service
WITNO6650400
WITN06650400
_IContract Phase —_I Service Description —
Related Docur
ints Identified I
Liquidated Damages
Provisions a
1 : Varied and
Restated
Agreements
y Schedule 19, Paragraph 2.1,
Table A, Row 11
Management Information
Service: Service Description’
(CS/SER/015)4°°
J Network Banking MIS Reports
Design (NB/SDS/008)*°°
System Service: Reporting &
Remedial Settlement Process
(CS/PRD/104)
Data File Delivery SLA
Exclusion Conditions
(CS/PRO/133)
Network Banking MIS Reports
Design (NB/SDS/008)
Schedule 15: Pant A, Annex 3,
Section 4 (“MIS Bank Analysis
Report”)
Management Information
Service: Service Description’
(CS/SER/015)4*', section 3.4
(“Calculation of Liquidated
Damages”)
2. I Horizon Online
Agreements
Schedule B3.1, Paragraph 2.1,
Table A, Row 10
Management Information
Service: Service Description
(SVM/SDM/SD/0016)462
Transaction Time
Benchmarking, Joint Working
Document
(SVM/SDM/PRO/0017)464
Schedule B4,4: Part A, Annex 3,
Section 4 (“MIS Bank Analysis
Report”)
Management Information
Service: Service Description
458 FUJ00120479 (v 1.0 dated 20 December 2002); FUJ00001910 (v 2.0 dated 18 November 2004); FUJ00001965 (v 3.0 dated 8 July 2005)
460 FUJ00232502 (v 2.0 dated 12 July 2002); FUJ00232557 (v 3.0 dated 13 December 2004)
461 FUJ00120479 (v 1.0 dated 20 December 2002); FUJ00001910 (v 2.0 dated 18 November 2004); FUJ00001965 (v 3.0 dated 8 July 2005)
462 FUJ00120480 (v 1.0 dated 31 August 2006); FUJ00002061 (v 2.0 dated 20 February 2008); FUJ00232617 (v 3.0 dated 9 February 2010); FUJ00002276 (v
4.0 dated 24 November 2010); FUJ00002546 (v 5.0 dated 5 November 2013); FUJ00232821 (v 6.0 dated 7 January 2022)
464 FUJ00232651 (v 1.0 dated 17 July 2009)
Page 214 of 218
WITNO6650400
WITNO06650400
Data Centre Operations (SVM/SDM/SD/0016)*°",
Management Information Service: Service Description Sections 2.1 (“Service
Service: Joint Working Document I (SVM/SDM/SD/0003)*® Definition”) and 2.3 (“Service
(SVM/SDM/PRO/001 146 Levels and Remedies”)
HNG-X Testing Strategy
(TST/GEN/STG/0001)4° Management Information
Service: Joint Working
Document
(SVM/SDM/PRO/0011)4°,
section 5 (“MI Service Metrics &
Associated Liquidated
Damages”)
463 FUJ00154667 (v 0.1 dated 3 October 2007)
465 FUJ00088181 (v 1.0 dated 31 August 2006); FUJ00232611 (v 2.0 dated 30 July 2009); FUJ00232612 (v 3.0 dated 8 October 2009); FUJ00088870 (v 4.0
dated 13 December 2013); FUJ00088896 (v 5.0 dated 4 February 2014); FUJ00089544 (v 6.0 dated 29 November 2016); FUJ00234994 (v 7.0 dated 23 June
2022); FUJ00234995 (v 8.0 dated 7 July 2023); FUJ00243145 (v 9.0 dated 30 May 2024)
486 FUJ00232570 (v 1.0 dated 21 March 2006); FUJ00232587 (v 2.0 dated 10 April 2008)
487 FUJ00120480 (v 1.0 dated 31 August 2006); FUJ00002061 (v 2.0 dated 20 February 2008); FUJ00232617 (v 3.0 dated 9 February 2010); FUJ00002276
(v 4.0 dated 24 November 2010); FUJ00002546 (v 5.0 dated 5 November 2013); FUJ00232821 (v 6.0 dated 7 January 2022)
488 FUJ00154667 (v 0.1 dated 3 October 2007)
Page 215 of 218
H. Reconciliation Service
WITNO6650400
WITN06650400
1. I Varied and
Restated
Agreements
Schedule 19, Paragraph 2.1,
Table A, Row 14
Network Banking Reconciliation
& Incident Management
(NB/PRO/002)*
TPS Reconciliation & Incident
management (CS/PRO/111)47°
APS Reconciliation & Incident
Management (CS/PRO/128)47"
Data Errors & Not Data Errors -
Contractual Definitions
(CS/SER/017)472
Not applicable
Schedule 15, Annex 3, Part A,
Paragraphs 2.4 (“Data
Reconciliation Service
Measure”) and 3 (“Remedies”)
Schedule 15, Annex 3, Part B,
Paragraphs 6.9 and 6.10
Service Level Targets for
Horizon Services
(SRP/MTG/007)476
CCN 1747477
469 FUJ00120466 (v 1.0 dated 19 December 2001); FUJ00120467 (v 2.0 dated 22 January 2002); FUJ00001625 (v 3.0 dated 10 May 2002); FUJ00120468 (v
5.0 dated 19 December 2002); FUJ00120469 (v 6.0 dated 17 October 2005)
479 FUJ00079822 (v 1.0 dated 16 October 2000); FUJ00079881 (v 2.0 dated 30 April 2002); FUJ00079884 (v 4.0 dated 19 December 2002); FUJ00079976 (v
5.0 dated 17 October 2005)
47 FJ00001567 (v 1.0 dated 2 July 2001); FUJ00079885 (v 3.0 dated 19 December 2002); FUJ00001968 (v 4.0 dated 17 October 2005)
472 FJ00001738 (v 1.0 dated 20 December 2002)
476 FUJ00232507 (v 1.0 dated 5 December 2002); FUJ00232544 (v 3.0 dated 19 August 2005)
477 FUJ00234946, dated 25 January 2024
Page 216 of 218
WITNO6650400
WITNO06650400
Network Banking Data
Reconciliation Services
(CS/SER/018)475
Network Banking End to End
Reconciliation Reporting
(CS/SPE/011)474
CCN 1747475
2. I Horizon Online Schedule B3.1, Paragraph 2.1, Reconciliation and Incident Schedule B4.4, Annex 3: Part B,
Agreements Table A, Row 12 Management - Joint Working Paragraphs 5.3, 6.9 and 6.10
Document
Reconciliation Service: Service (SVM/SDM/PRO/0012)47° Schedule B4.4, Annex 3: Part B,
Description Paragraph 3
(SVM/SDM/SD/0015)478 End to End Reconciliation
Reporting Schedule B4.4, Annex 3: Part B,
(SVM/SDM/SD/0020)4° Paragraph 5.4
473 FUJ00001739 (v 3.0 dated 19 December 2002); FUJ00001921 (v 2.0 dated 11 January 2005); FUJ00001969 (v 3.0 dated 17 October 2005)
474 FUJ00232486 (v 1.0 dated 19 December 2001); FUJ00232488 (v 2.0 dated 21 January 2002); FUJ00001667 (v 4.0 dated 29 July 2002); FUJ00001687 (v
4.1 dated 4 November 2002); FUJ00001740 (v 5.0 dated 29 December 2002); FUJ00001842 (v 6.0 dated 24 December 2003); FUJ00001908 (v 7.0 dated 15
November 2004)
475 FU J00234946, dated 25 September 2023
478 FJ00079994 (v 1.0 dated 31 August 2006); FUJ00080073 (v 2.0 dated 14 July 2009); FUJ00080196 (v 3.0 dated 1 December 2010); FUJ00080254 (v 4.0
dated 3 December 2013); FUJ00003440 (v 5.0 dated 3 December 2019); FUJ00235002 (v 8.0 dated 12 February 2024)
479 FUJ00080215 (v 2.0 dated 14 June 2011); FUJ00080224 (v 3.0 dated 30 April 2012); FUJ00234980 (v 4.0 dated 24 June 2020); FUJ00243146 (v 5.0 dated
14 June 2024)
480 FUJ00080024 (v 1.0 dated 2 February 2007); FUJ00080213 (v 2.0 dated 22 June 2011); FUJ00080226 (v 3.0 dated 4 May 2012); FUJ00080386 (v 4.0
dated 4 September 2017); FUJ00003446 (v 5.0 dated 23 April 2020); FUJ00235004 (v 6.0 dated 14 December 2022)
Page 217 of 218
WITNO6650400
WITNO06650400
Schedule B4.4, Annex 3: Part B,
Paragraphs 6.9 and 6.10
Service Level Target &
Liquidated Damages Exclusions
(SVM/SDM/PRO/0006), “81
withdrawn on 3 December
2021482
Reconciliation Service: Service
Description
(SVM/SDM/SD/0015)*85,
Sections 2.1 (“Service
Definition”) and 2.3 (“Service
Levels and Remedies”)
481 FUJ00002051 (v 1.0 dated 19 June 2007); FUJ00002058 (v 2.0 dated 20 November 2007); FUJ00002085 (v 3.0 dated 18 March 2009); FUJ00002334 (v
4.0 dated 15 December 2010); FUJ00002451 (v 5.0 dated 14 January 2013); FUJ00002571 (v 6.0 dated 26 February 2014)
482 FUJ00234979 (withdrawn on 3 December 2021)
483 FUJ00079994 (v 1.0 dated 31 August 2006); FUJ00080073 (v 2.0 dated 14 July 2009); FUJ00080196 (v 3.0 dated 1 December 2010); FUJ00080254 (v 4.0
dated 3 December 2013); FUJ00003440 (v 5.0 dated 3 December 2019); FUJ00235002 (v 8.0 dated 12 February 2024)
Page 218 of 218