Font size

To magnify the text and elements, you can use:

CTRL + zoom in
CTRL - zoom out

In case of website accessibility problems, please e-mail us to webmaster.rsrs@rs-rs.si. You are also welcome to give us recommendations and feedback regarding your website experience.

 

Accessibility

The content of the website of the Court of Audit is designed with the purpose to provide universal access to all of the published information – to anyone, at all times, and free of charge. Since the principle of universal access is limited by the health conditions of the users (i.e. visual, motion, hearing, cognitive and linguistic limitations) and technical limitations, we paid special attention to them and tried to adjust the website by considering the following recommendations:

  • font size may be adjusted,
  • key images are equipped with descriptions,
  • there are no moving pictures (GIFs),
  • names of the links are descriptive,
  • videos are mostly subtitled.

The website is optimised for multi-device browsing (computer, tablet, mobile phone) and compatible with different website browsers and software. Recommended is the use of the latest version of website browsers whenever it is possible to provide a better support to the users with disabilities and special needs.Despite the fact that we are aiming to increase the accessibility and usability of our website to the greatest extent possible, all the elements do not provide for the optimisation of the complete accessibility.

Therefore, some published contents do not meet all the demands related to accessibility as defined by the Accessibility of Websites and Mobile Applications Act. Those deficiencies are:

  • we use PDF format for documents:
    • audit reports and other reports with short summaries that are available in text (doc and docx documents) and
    • various presentations (i.e. infographics, posters, manuals);
  • home page provides three elements with scroll box for automatic rotation with limited use of the manual override;
  • photographs and other images are used for visual supplementing of contents related to news and articles; photographs and images are subtitled, include data about source and alternative text, but do not include detailed descriptions or transcriptions of texts, since the adjustment would cause disproportionate burden;
  • schematic presentation of organisational structure of the Court of Audit;
  • documentation of concluded public calls was not adapted, since interference with public procurement documentation of completed public calls is not allowed; when preparing the next public call, we shall follow the standards of accessibility.

Letter of access

Audit

Managing business continuity at the public company JP VOKA SNAGA d.o.o.

Last change:
1. 2. 2022

Audit data

Auditee(s)

Audit goal:

To express an opinion on the efficiency of the public company JP VOKA SNAGA d.o.o. in managing business continuity in the field of drinking water supply.

Audited period:
2019 - 2020

Decision:
Decision no.: 321-1/2020/2
Date: 26. 8. 2020

Notes:

Efficiency of the public utility company VODOVOD KANALIZACIJA SNAGA d.o.o. in managing business continuity in the field of public drinking water supply

 

The Court of Audit implemented the audit of efficiency of the public utility company VODOVOD KANALIZACIJA SNAGA d.o.o. (hereinafter referred to as: VOKA SNAGA) in managing business continuity in the field of public drinking water supply in the period from 1 January 2019 to 31 December 2020. According to the opinion of the Court of Audit, VOKA SNAGA was partially efficient in managing business continuity in the field of public drinking water supply.

VOKA SNAGA as essential service provider supplies drinking water to more than 330,000 users in the Municipality of Ljubljana and several neighbouring municipalities. Although it did not explicitly define business continuity within its internal documentation, it did, however, manage secure and reliable drinking water supply in accordance with the requirements of ISO 22301:2019 standard regarding business continuity and other organisational policies, including a common risk management strategy. The VOKA SNAGA management was committed to the provision of secure and reliable drinking water supply and, together with its employees, appropriately managed risks connected to drinking water supply as well as carried out continuous process improvement related to the respective field. VOKA SNAGA set up an incident management and monitoring system, including a very well devised events notification system and well managed documentation system. VOKA SNAGA had no explicitly prepared and adopted business continuity strategy, policy and plan, but the company's risk management system, processes and related activities for managing secure and reliable drinking water supply did enable an uninterrupted drinking water supply. Although VOKA SNAGA failed to include business continuity testing into a pre-prepared business continuity plan (as it did not have one), it did test, monitor and check all the crucial elements of acquiring and supplying drinking water. In accordance with quality assurance organisational guidelines, it conducted internal assessments to ensure an integrated management system operation, the performance of which was ensured also through individual systems where the organization's requirements regarding drinking water supply procedures were checked.

VOKA SNAGA prepared a formal document Information Security Policy and Policy on Continuous IT Support to Essential Water Supply. This document respectively the information security policy was aligned with the requirements of the Information Security Act but was not appropriately integrated into the company's management and quality system. The Information System Recovery Plan was too general and not detailed enough to be used in the case of actual emergency or disaster since it lacked precise response plans. General response actions were defined, they were, however, not integrated with other processes within VOKA SNAGA. Additionally, VOKA SNAGA had no complete information system disaster recovery plans which it could test in practice and which would aid in recovering specific components and systems after a disaster. Information system support provider for VOKA SNAGA had no detailed internal instructions for data restoration. It did, however, occasionally conduct partial data restoration and virtual servers' restoration from backups. VOKA SNAGA also did not prepare instructions for post-restoration information system analysis of water supply services.

The Court of Audit did not demand from VOKA SNAGA to submit a response report, but it proposed several recommendations to further improve existing situation. VOKA SNAGA implemented several recommendations even before the publication of the audit report.

 

 

Share