"The audit of the Information System of the Institute for Education showed that the functioning and management of the Information System of the Institute for Education is unsuccessful. Based on the fact that the Information System of the Institute for Education represents a key infrastructural support for the core business of the Institute, enabling digital management of the processes of quality assurance of the work of educational institutions and monitoring the continuous professional development of employees in education, the State Audit Institution conducted an audit of the Information System of the Institute for Education, in order to assess its functionality," the statement said.
The audit, as they explained, included checking the functionality and management of the Information System.
"The State Audit Institution has determined in the course of the audit that: After the production server failed, as of February 12 this year, the Information System of the Institute for Education has been out of service, which has completely interrupted digital support for business processes. All data from the Information System of the Institute for Education has been lost. Software tools have not been upgraded, so the Information System operates on software solutions without adequate support," they emphasized.
According to them, certain units and functionalities of the ZZŠ Information System gradually ceased to be used, so only a part of the comprehensive system was used in the Institute.
“Evaluation of educational work” in the form of a report on determining the quality of educational work, accompanying activities and statistics related to the supervision of educational institutions.
"The module intended for "Continuous Professional Development", although implemented in the Information System of the Institute of Social Sciences, was never used. The lack of a Disaster Recovery Plan and a Business Continuity Plan, among other things, jeopardized the functioning of the Institute's Information System and indicated poor management. Although data storage was performed periodically, a six-monthly check of the usability of the backup copy of the data was never performed, which made it impossible to restore the system together with the database," they are clear.
The SAI adds that the architecture of the Information System has not been adapted to changes in the legal framework, nor have changed work methodologies been integrated into the Information System.
"After the cyberattack on the IT infrastructure of the Government of Montenegro (20.08.2022), the Institute for Education did not re-establish the Information System at full capacity, but introduced an improvised method of writing parts of the report using structured MS Excel files, which were subsequently entered into the IS ZZŠ. Since the cyberattack, the information system has been operating in offline mode when access for about 30 employees was enabled from one workstation. In 2024, the number of workstations was increased to four, and since February 12 of this year, the Information System of the Institute for Education has been completely inaccessible and the way employees work has changed again," they say.
In order to ensure adequate management and functioning of the Information System of the Institute for Education, as they concluded, the SAI has issued five recommendations for the implementation of which the audited entity, the Institute for Education, is obliged to submit to the SAI an Activity Plan for the implementation of the recommendations by May 17, 2026, as well as to report by October 17 on the actions taken in response to the issued recommendations.
