One of the notable compliance obligation expected of organisations who process personal data of up to 2000 data subjects is to be audited annually before March 15.
In order to be audited, an organisation will be required to engage the services of a Data Protection Compliance Organisation (DPCO) who would submit its report to the National Information Technology Development Agency (NITDA).
However, due to the current COVID-19 pandemic, the Director-General of NITDA had initially extended the deadline for the submission of the annual data protection audit report to May 15, 2020 and has now further extended it to May 30, 2020.
Organisations that fall within this category are therefore encouraged to engage the services of a DPCO and comply with the provisions of the NDPR.