ocds-bidanga-NG-OP00407953
Engagement of Consultant to Enhance NIMS Security and Resilience — Nigeria Digital Identity for Development Project
Titre original : Engagement of Consultant to Enhance NIMS Security and Resilience
Deadline
December 2, 2025
Key information
- Type
- IT & Télécom
- Deadline
- December 2, 2025 at 12:00 AMClosed
- Estimated Value
- Not disclosed
- Language of Notice
- English
Description
FEDERAL REPUBLIC OF NIGERIA
NIGERIA DIGITAL IDENTIFICATION FOR DEVELOPMENT PROJECT
REQUEST FOR EXPRESSION OF INTEREST (REOI)
FOR THE
ENGAGEMENT OF CONSULTANT TO ENHANCE NIMS SECURITY AND RESILIENCE
1.0 Background
The Nigeria Digital Identity for Development (ID4D) Project, initiated by the Nigerian Government and co-financed by the World Bank, the French Development Agency (AFD), and the European Investment Bank (EIB), aims to significantly increase the number of citizens with a national ID number by establishing a comprehensive and inclusive foundational ID system. This initiative is designed to enhance access to essential services for the population. To achieve its objectives, the project focuses on improving digital enrolment infrastructure and expanding enrolment mechanisms.
The National Identity Management Commission (NIMC), based in Abuja, is responsible for executing the Nigeria Digital Identification for Development (ID4D) Project. The issuance and utilization of digital IDs are expected to foster greater participation in the digital economy and facilitate the delivery of critical services to citizens. Given the importance of the ID ecosystem, it is susceptible to cyber threats, particularly considering the evolving and increasingly sophisticated landscape of cyber-attacks. The interconnected nature of the project heightens security concerns, making robust security measures essential as digital IDs expand access to both the digital economy and vital services.
NIMC is currently certified under ISO 27001:2022 for its NIMS Backend, ensuring that its information security management practices align with industry standards. In response to the growing need for a unified approach to information security across all offices, NIMC plans to extend the ISO 27001:2022 certification to its frontend operations in the six territorial offices, as well as have an integrated management system certification encompassing multiple standards such as ISO 27001 (Information Security Management), ISO 27701 (Privacy Information Management), and ISO 22301 (Business Continuity Management). This expansion and integrated approach will further strengthen NIMC's commitment to safeguarding information assets across all operations, thereby enhancing overall governance and risk management.
The extension is vital for maintaining consistent, high-quality information security management throughout the National Identity Management System. It is to mitigates risks, ensures compliance, boosts stakeholder confidence, enhances business continuity, and supports the organization's growth. Through this initiative, NIMC reaffirms its dedication to information security while protecting its assets, data, and global reputation
Against this background, the Project Implementation Unit (PIU) now invite qualified Consulting Firm willing to participate in this important Assignment to strengthen the Security and Resilience of Nigeria’s Digital identity Infrastructure to express their Interest by obtaining the Terms of Reference and submit an Expression of Interest Document accordingly. Request for the Terms of Reference can be made by email to the addresses = [email protected]
2.0 Objectives of the Consultancy Assignment
The objective of this Assignment is to use the Terms of Reference (ToR) to engage a qualified Consultant to support the National Identity Management Commission (NIMC) in enhancing the Security and Resilience of the NIMS. The successful Consultant will among others:
- Assist NIMC in extending its ISO 27001:2022 certification to its frontend operations across six territorial offices, ensuring a unified approach to information security management.
- Facilitate the integration of multiple management standards, including ISO 27701 (Privacy Information Management) and ISO 22301 (Business Continuity Management), to bolster the overall governance and risk management framework.
- Support the development and testing of a robust Business Continuity Plan (BCP) to enhance the resilience of the National Identity Management System (NIMS) against potential cyber threats and operational disruptions.
This comprehensive approach will mitigate risks, ensure compliance, boost stakeholder confidence, and safeguard critical information assets, thereby reinforcing NIMC's commitment to protecting its data and maintaining its global reputation.
3.0 Scope of Services
The firm is required to perform the following tasks to achieve the overall goal of the assignment.
- ISO 27001:2022 Certification Extension.
- Integration of Management Standards.
- Development and Testing of Business Continuity Plan (BCP).
- Engagement of Independent Certification Body.
Details are provided in the TOR (to be issued) for the assignment.
Interested eligible Consulting firm/ Consortium may obtain further information from Project Implementation Unit, Nigeria Digital Identification for Development Project, National Identity Management Commission, PIU-Project Coordinator at [email protected] to obtain the Terms of Reference (TOR) during office hours: 0900 to 1600 hours at the address given below
Interested Consulting firm/ Consortium who have obtained the Terms of Reference and are expressing Interest should provide information demonstrating that they have the required qualifications and relevant experience to perform the services as detailed in the Terms of Reference to be issued. This must be done by submission of Organisational Profile using brochures, description of similar assignments, experience in similar conditions, general qualification of the firm (such as core business and years in business, technical and managerial capability). Key Experts will not be evaluated at the shortlisting stage.Interested firm’s attention are drawn to Section III, paragraphs, 3.14, 3.16, and 3.17 of the World Bank’s “Procurement Regulations for IPF Borrowers- Procurement in Investment Projects Financing” February 2025 (“Procurement Regulations”, setting forth the World Bank’s policy on conflict of interest.
Consultants may associate with other firms to enhance their qualifications, but should indicate clearly whether the association is in the form of a joint venture and/or a sub-consultancy. In the case of a joint venture, all the partners in the joint venture shall be jointly and severally liable for the entire contract, if selected.
A Consultant will be selected in accordance with the Quality and Cost-Based Selection method set out in the Procurement Regulations.
Further information can be obtained at the address below during office hours i.e., 9.00 a.m. to 4.00 p.m. (Local time).
Expressions of Interest Document must be received in hard copy at the address below or by soft copy to the email addresses [email protected] latest 12 noon on Tuesday 2nd December 2025 (local time)
The Coordinator,
Project Implementation Unit,
Nigeria Digital Identification for Development Project
Ecosystem Building
National Identity Management Commission (NIMC) HQ
11 Sokode Crescent, off Dalaba Street
Zone 5 Wuse, Abuja – Nigeria
Email: [email protected],
Website: www.nimc.gov.ng
Tender Timeline
Publication
November 12, 2025
Bid Submission Deadline
December 2, 2025
Evaluation & Award
Pending
Contract Signature
Pending
Tender Documents
Connectez-vous pour télécharger le dossier et être averti automatiquement de toute modification de cet appel d'offres.