IT Project Clearance

The reasons for IT Projects Clearance are to ensure:

  • i. That IT projects are not replicated;
  • ii. Integration of systems and services by Federal Public Institution to save costs, promote shared services, interoperability and improve efficiency;
  • iii. That there is an indigenous capacity for after-sales-service to sustain the project beyond the initial deployment; and
  • iv. That the project promotes indigenous content and that preference shall be given to indigenous companies where capacity or the product or service exists.

For more information, kindly read Guidelines for Clearance of Information Technology (IT) Projects by Ministries, Departments and Agencies (MDAs)

Only IT related projects should be submitted to NITDA for Clearance

All projects are expected to be submitted via the visit IT Projects Clearance portal

For more information, please see Requirements for Registration on the IT Projects Clearance portal.

All proposed IT projects are expected to be submitted to NITDA for Clearance at their Conceptualization stage.

Currently, there is no minimum estimated amount. All proposed IT projects are expected to be submitted to NITDA for Clearance.

The IT Projects Clearance team will communicate within 21 working days

NO. The Conditional Clearance cannot be used by Federal Public Institution for implementation of its IT project.

Scholarship

This will depend on your performance at the scholarship examination and interview. Every applicant has equal opportunity.

You cannot, NITDA will provide a list of universities that it has collaboration with, which you can choose from depending on your area of study.

Adverts will be placed in national dallies and on the NITDA website and Scholarship portal

NITDEF is the National Information Technology Development Fund Scholarship which is meant for Nigerian graduates, who have made a First Class or Second Class Upper in any IT related course. The scholarship covers only Msc and PhD.

After application, shortlisted candidates will be required to write an aptitude test, upon which the scholarship will be awarded to two candidates with the highest scores, one person selected from each state for MSc and one person per geopolitical zone for PhD. Note: that the PhD scholarship is only for lecturers in Higher Institutions

Yes, the Scholarship cover local Universities.

IICP Registration

You can obtain this licence/certificate by visiting Indigenous ICT Company Registration Portal to register your company and upload all the necessary documents listed out by the Agency and submit.

Registration is free.

No, your company must have a government domain name for you to register

You can visit NiRA to get list of accredited registrars and chose one that can register a domain for you.

Upon successful registration and upload of all necessary documents, verification will be done. When NITDA is satisfied with all the documents submitted, a provisional license that will last for six (6) months will be provided to you within a period of 10 working days.

All necessary documents needed to obtain the registration certificate are listed on the online registration portal Indigenous ICT Company Registration Portal

No, It is mandatory to submit verifiable documents before registration certificate can be issued.

The Provisional license last for Six (6) months, while the original Certificate last for Two (2) years.

Renewal at the moment is automatic and is done by returning the expired one and upon citing updated necessary documents submitted at the initial application stage. However this can be change at the discretion of NITDA management.

All complaints concerning the registration process can be sent to the Agency mail info@nitda.gov.ng that is managed by the Servicom Unit or to the registration desk officer.

When such issues arise and since we are yet to establish first contact with you, the best option is to send a message to the Agency mail info@nitda.gov.ng stating your challenges and how to reach you.

NITDA Academy

NITDA Academy training programs are meant for staff who are in the Ministries, Departments and Agencies (MDAs), Students, special interest groups, Researchers and the General Public.

A wide variety of courses are offered ranging from digital literacy, networking, cybersecurity, programming, Internet of Things (IoT) , Big Data, Artificial Intelligence (AI), Embedded Systems Designs and digital entrepreneurship among others.

Many of the courses can be self-enrolled or instructor can enroll students, however, you need to simply register first on the website. To register simply navigate to NITDA Academy’s home page, click “REGISTER” on the top right corner of the page and you will be brought to the registration page. Fill in your details and click on “SUBMIT” to create an account.

You create your login details during registration. Your username is always your email address and you can create a password of your choice. To log in simply go to NITDA Academy’s home page, click “LOGIN” on the top right hand corner of the page and you will be brought to the login page. Enter your username and password. You will then be brought to your Member’s area.

– If you forget your password, don’t worry. Click on “login” on the homepage and this will take you to the login page. You will see a “forgot password” link under where you enter your login details. Click on “forgot password” and an email will be sent to your email address in order to reset your password.

NITDA Academy provides free access to self-enroll courses and free access and training for instructor led courses offered by our top industry partners such as Cisco and Huawei etc. However, industry certification exam vouchers are not free.

Different courses have different durations based on content and difficulty level.

Yes. However, other conditions may apply such as assessment and examinations

The choice is yours whether to enroll for another course or an advance component of the course.

Data Protection

The objectives of the NDPR are: data privacy protection; secure exchange of data; improve business environment and create sustainable jobs.

The NDPR applies to all residents of Nigeria; all Nigerians within and outside Nigeria.

The Regulation came into effect on 25th January, 2019. A major advertorial was carried in four major national dailies between 14th and 15th of February, 2019 to sensitize people on this. The grace period elapsed by 25th of July, 2019 and extended till 25th October, 2019.

Processing is defined in Article 1.3(r) as follows: “Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction; …

NITDA is empowered to regulate electronic data use in Nigeria. Section 6(a and c) of the NITDA Act 2007 makes this clear. This provision makes it clear that NITDA has the authority to regulate data from any electronic or digital platform. A breach of NITDA regulation is a breach of the NITDA Act as provided by Section 17 and 18 of the Act. Therefore, a breach of this Regulation is enforceable in the Nigerian court.

The NDPR recognizes the need for cross-border transfer of data in an era of globalized and high-speed business transactions. Article 2.11 of the Regulation, which relates to Transfer to a Foreign Country, addresses this concern. To comply with the provision and other aspects of the Regulation, the Data Controller would provide the following:

  • i. The List of Countries where personally identifiable information of Nigerian citizens are transferred in the regular course of business.
  • ii. The Data Protection laws and contact of National Data Protection Office/Administration of such countries listed in i) above.
  • iii. The privacy policy of the Data Controller, compliant with the provisions of the NDPR.
  • iv. Overview of encryption method and data security standard
  • v. Any other detail that assures the privacy of personal data is adequately protected in the target country.

These information may be captured in the annual data audit report where the transfer is done in the regular course of business

The NDPR does not mandate private businesses to host data only on local servers, although this is highly encouraged. Government data as well as critical national data in the custody of private organisations must however be hosted in-country. Where hosted abroad, the Data Controller, should however, provide NITDA with the countries where such servers are located and their data protection policies.

NITDA does not accept audit report by non-licensed third-party auditors. The Data Controller may encourage its auditors to obtain the Data Protection Compliance Organisation (DPCO) license or alternatively deal with NITDA licensed DPCOs. Every audit report required under the Regulation must be accompanied by a Verification Statement by a licensed DPCO.

Except for other specified purposes or request by NITDA, Data Controllers are expected to file their data audit report annually before the 15th of March of the following year.

A “Data Protection Compliance Organization (DPCO)” means any entity duly licensed by NITDA for the purpose of training, auditing, consulting and rendering services and products for the purpose of compliance with the NDPR or any foreign Data Protection Law or Regulation having effect in Nigeria. In essence any organization that wishes to provide any form of data privacy protection service to Nigerian companies must acquire this license. Submission of annual audit report by Data Controllers must be accompanied by a verification statement by a licensed DPCO.

Article 2.11 of the NDPR provides: Any transfer of Personal Data which is undergoing processing or is intended for processing after transfer to a foreign country or to an international organisation shall take place subject to the other provisions of this Regulation and the supervision of the Honourable Attorney General of the Federation (HAGF).

Data Controllers do not require permission of the Attorney-General for every transfer of Data outside Nigeria. In transferring data abroad, Data Controllers shall provide the following information to NITDA through their annual audit report or where specifically requested by NITDA.

  • i. The List of Countries where Nigerian citizens personally identifiable information of Nigerian citizens are transferred in the regular course of business.
  • ii. The Data Protection laws and contact of National Data Protection Office/Administration of such countries listed in i) above.
  • iii. The privacy policy of the Data Controller, compliant with the provisions of the NDPR.
  • iv. General overview of the data protection mechanism to protect Nigerian citizens’ data.

NITDA shall relate with the Office of the Attorney General of the Federation to seek guidance on Nigerian legal position on any aspect of the Regulation or where there is a breach of private data in a foreign jurisdiction.

The Controller may through its appointed DPCO file a request for extension, stating the processes already initiated and other information to show commitment to compliance.

NO! there is no need to file audit report, however it is essential to conduct the audit for future reference.

The report, accompanied with requisite payment, is to be submitted through a DPCO to NITDA.

NO! Organisations who implement demonstrable corrective measures after filing IDAR are exempt from filing 2019 Annual Audit Report which expires on 30th June, 2020

  • Filing of Report of less than 5,000 Data Subjects N10,000
  • Filing of Report of more than 5,000 Data Subjects N20,000
  • Pay into NITDA TSA account. In the Description, write- XXXXXX LTD AUDIT FILING. (Note that the GIFMIS number is not a mandatory field)
  • NO! filing of audit report must be done through a DPCO
  • i. Breach of personal data by a non-compliant Controller or Processor would attract criminal and administrative sanctions
  • ii. Data Subjects have the right to take civil actions against the Controller on the basis of the NDPR
  • iii. Business implication of non-compliance include brand image damage, loss of customers, restriction from international market opportunity; lack of support from national Supervisory Authority against foreign investigation of breach by an international authority.
  •  
  • NO! Professionals are not restricted from performing their professional duties; however, only licensed DPCOs can provide verification statement on an audit report. Also, request for recognition of data protection training, services or products is predicated on licensing as a DPCO except management deems otherwise.

Domain Name Registration

There are two ways to register a .GOV.NG domain name as provided for on NITDA website https://nitda.gov.ng/gov-ng-domain-registration. You can either send a written application to National Information Technology Development Agency (NITDA) or Nigeria internet Registration Association (NiRA) through any of the accredited registrars. See https://www.nira.org.ng/accredited-registrars for the list of accredited registrars and you may contact them.

All websites/portal of government constituents at all levels (Federal, State and Local governments) or specialized projects of government that would last for 18 months or more are required to register on .GOV.NG zone.

Currently, NITDA charges no fee for .GOV.NG domain name registration and update. However, if a .GOV.NG domain name is registered through a NiRA accredited registrar, it is expected that the registrar would charge a consultancy fee. The charged fee varies from one registrar to another.

No. This is not possible. The information is needed to populate the registry at the time of creating the domain.

The admin contact must be a member of staff of the institution/MDA while the technical contact can either be a member of staff of the MDA or a consultant to the institution/MDA where a technical staff is not available.

The letter must be addressed to the Director General of NITDA and a scanned/Advance copy can be submitted to domains@nitda.gov.ng while the hard copy is sent to NITDA.

To update registration information through NITDA, an authorization letter containing the information to be updated should be communicated to NITDA through the email domains@nitda.gov.ng The letter should be signed by the most senior officer and must include the contact phone number for verification.

NITDA uses domains@nitda.gov.ng and phone numbers 08140504418, 08119131085 and 08119130085 for domain management related issues.

Domains are in levels. For example nitda.gov.ng is a third label domain while judiciary.kn.gov.ng is a fourth level domain. While Federal MDAs only, are allowed to be on third level domain, agencies of state government and local government must be on the forth level and the zone of their states. Available zones are ab.gov.ng ad.gov.ng ak.gov.ng an.gov.ng be.gov.ng bo.gov.ng bu.gov.ng by.gov.ng cr.gov.ng dl.gov.ng eb.gov.ng ed.gov.ng ek.gov.ng en.gov.ng gm.gov.ng im.gov.ng jg.gov.ng kb.gov.ng kd.gov.ng kg.gov.ng kn.gov.ng kt.gov.ng kw.gov.ng lg.gov.ng na.gov.ng ni.gov.ng og.gov.ng on.gov.ng os.gov.ng oy.gov.ng pl.gov.ng rv.gov.ng sk.gov.ng tr.gov.ng yb.gov.ng zm.gov.ng abj.gov.ng

You will need to visit https://whois.nic.net.ng to check the availability of any domain of your choice before you make your request.

If all requirements are provided in the authorization letter and NITDA is able to verify the authenticity of the contents of the letter, the approval, registration and/or update is carried out within 24 hours.

NITDA does not host domains. However, all government domains and websites are expected to be hosted locally and any violation of this will attract sanctions as stipulated in the Nigeria Data Protection Regulation.