What is the NDPA Compliance Scorecard?

The NDPA Compliance Scorecard is a free online assessment tool by QuotientSec that evaluates your Nigerian business across 9 key areas of data protection compliance under the Nigeria Data Protection Act. It provides an instant compliance rating and a prioritised action plan.

How long does the NDPA compliance assessment take?

The NDPA Compliance Scorecard assessment takes approximately 5 to 10 minutes to complete. You will answer questions across 9 compliance areas and receive your results immediately upon completion.

Is the NDPA Scorecard free to use?

Yes, the NDPA Compliance Scorecard is completely free. QuotientSec provides this tool to help Nigerian SMEs understand their current compliance status and identify areas that need improvement under the Nigeria Data Protection Act.

What compliance areas does the scorecard cover?

The scorecard evaluates 9 key areas of NDPA compliance including data collection practices, consent management, data storage and security, data processing policies, data subject rights, breach notification procedures, data protection officer requirements, cross-border data transfers, and compliance documentation.

What should I do after completing the scorecard?

After completing the scorecard, review your compliance rating and the prioritised action plan provided. For a deeper understanding of NDPA requirements, download the free NDPA Compliance Guide. If you need expert assistance with implementation, QuotientSec offers professional NDPA compliance advisory services.

Free NDPA Compliance Scorecard for Nigerian Businesses

Find out how prepared your business is for Nigeria's Data Protection Act. This free scorecard evaluates your current data handling practices, consent processes, and security controls against NDPA requirements. Answer a few quick questions and get a personalised compliance rating with actionable next steps.

Common Questions About NDPA Compliance

Who needs to comply with the NDPA?

Any organisation that collects, stores, or processes personal data of individuals in Nigeria must comply with the Nigeria Data Protection Act. This includes SMEs, startups, e-commerce businesses, healthcare providers, fintech companies, and any business that handles customer information, regardless of company size.

What happens if my business is not NDPA compliant?

Non-compliance can result in fines of up to 2% of annual gross revenue or 10 million Naira, whichever is greater. Beyond financial penalties, data breaches caused by poor compliance can damage customer trust, lead to legal action, and harm your brand reputation in the market.

How long does it take to become NDPA compliant?

The timeline depends on your current data protection practices. Businesses with basic policies in place can often reach compliance within 4 to 8 weeks with expert guidance. Companies starting from scratch may need 2 to 4 months for a full compliance programme covering policies, technical controls, and staff training.

What does the scorecard measure?

The scorecard assesses five key areas of NDPA readiness: data collection and consent practices, data storage and security measures, data processing transparency, breach response preparedness, and documentation of your data protection policies. You get a score across each area with specific recommendations for improvement.

Need help improving your score? Read our complete NDPA Compliance Guide for a step-by-step breakdown, or get in touch with our team for a tailored compliance roadmap.

Want the full compliance breakdown? Download the free NDPA Guide