The NDPA Gap Assessment evaluates your organisation's compliance maturity across 10 chapters covering all key provisions of the Nigeria Data Protection Act 2023.
Chapters
| # | Chapter | Sections | Questions |
|---|---|---|---|
| 1 | Governance & Accountability | Sec. 24, 29 | 7 |
| 2 | Data Protection Officer | Sec. 32-33 | 5 |
| 3 | Lawful Basis for Processing | Sec. 25-26 | 7 |
| 4 | Consent Management | Sec. 26, 31 | 6 |
| 5 | Transparency & Privacy Notices | Sec. 27 | 5 |
| 6 | Data Subject Rights | Sec. 34-38 | 7 |
| 7 | Data Security | Sec. 39 | 6 |
| 8 | Breach Management | Sec. 40 | 6 |
| 9 | Cross-Border Transfers | Sec. 41-43 | 6 |
| 10 | DCPMI Registration & CARs | Sec. 44-45 | 5 |
Maturity Scoring
Each question uses a 0-4 maturity scale:
- 0 — Not Implemented: No measures in place
- 1 — Initial: Ad-hoc or informal measures
- 2 — Developing: Documented but inconsistently applied
- 3 — Defined: Formally documented and consistently applied
- 4 — Optimised: Continuously monitored and improved
Cross-Framework Propagation
Certain NDPA questions are linked to equivalent controls in other frameworks (ISO 27001, SOC 2, NIST CSF, GDPR, etc.). When you score an NDPA question at 3 or above, equivalent controls in other enabled frameworks are automatically updated — and vice versa.