Security
Audit
Terms
Everything you need to know about our free security audit tool — what it measures, what it does not, how your data is handled, and what to do with your results.
What The Security Audit Actually Is
The ConfamTips Free Security Audit is a self-assessment questionnaire designed to help individuals and small business owners in Africa understand their current cybersecurity habits and identify areas of risk.
It consists of 15 questions across five risk categories — Passwords & Authentication, Phishing Awareness, Device & Network Security, Data & Account Safety, and Incident Response. Your answers generate a score out of 100 and a personalised action plan.
This audit is an educational self-assessment tool. It is designed to raise awareness and guide improvement — not to serve as a formal technical security evaluation of your systems, infrastructure, or business.
What It Measures — And What It Does Not
Understanding the scope of this tool helps you use its results correctly. The audit is designed to evaluate your security behaviours and habits — not to technically scan or test your devices, networks, or systems.
How you create, store, and manage passwords across your accounts.
We do not scan your devices, network, or applications for technical vulnerabilities.
Your ability to recognise and respond to phishing attempts and social engineering.
We do not attempt to access, exploit, or test your systems in any way.
How you maintain, update, and use your devices and home or business network.
Results do not constitute NDPR, ISO 27001, or any other compliance certification.
Whether you have a plan for common security incidents affecting Africans.
Results cannot be used for legal, insurance, or regulatory compliance purposes.
How Your Score Is Calculated
Each of the 15 questions has four answer options scored from 0 to 3 — where 0 represents the least secure practice and 3 represents the most secure practice. Your total score across all five categories is averaged into a final score out of 100.
Answer 15 Questions
Three questions per category across five risk areas. Each answer reflects your current security habits as honestly as possible — the more accurate your answers, the more useful your results.
Category Scores Are Calculated
Each category is scored independently as a percentage from 0 to 100. This lets you see exactly which areas need the most attention rather than just an overall number.
Overall Score Is Generated
Your five category scores are averaged to produce your overall security score. Scores are classified as Well Protected (80+), Moderate Risk (60–79), At Risk (40–59), or High Risk (below 40).
Personalised Action Plan
Based on your category scores, a personalised action plan is generated with specific, prioritised steps you can take to improve your security. Urgent items are shown first.
Your score reflects your self-reported behaviours at the time of taking the audit. It is only as accurate as the honesty of your answers. A high score does not guarantee you are fully protected — it indicates that your current habits align with good security practices.
Your Data & Privacy
We designed this audit with privacy as the default, not an afterthought. Here is exactly what happens to your data when you take the audit:
Your answers exist only in your browser’s memory during the session. When you close the tab or refresh the page, everything is gone. We do not store, log, transmit, or analyse your individual answers in any way.
Specifically:
All scoring logic runs client-side. Nothing is sent to our servers.
No answer, score, or result is saved to any database or server.
No signup, login, or email address is required to take the audit.
Your score is yours. We have no way to see it, and we do not share it.
Important Limitations
We want you to get maximum value from your results while understanding what they can and cannot tell you.
This free tool is not a substitute for a professional cybersecurity audit conducted by a qualified security professional. If your business handles sensitive customer data, financial records, or critical infrastructure, we strongly recommend a formal security assessment.
Your score reflects your security posture at the moment you take the audit. The cybersecurity landscape changes rapidly. We recommend retaking the audit every 3 to 6 months or after any significant change to your devices, accounts, or business operations.
ConfamTips provides this audit as a free educational resource. We are not liable for any security incidents that occur regardless of your audit score or action plan. Following our recommendations significantly reduces risk but cannot guarantee absolute security.
When To Seek Professional Help
The free audit is the right starting point for most individuals and small businesses. However, certain situations call for professional security expertise beyond what a self-assessment can provide.
You Scored Below 40
A High Risk score indicates significant vulnerabilities. While the action plan provides a starting point, we recommend booking a free consultation with our team to understand the full scope of your exposure.
Your Business Handles Sensitive Data
If your business stores customer financial data, health records, or personal information, a professional security audit and NDPR compliance review is not optional — it is a legal requirement in Nigeria.
You Have Experienced A Security Incident
If you have been hacked, experienced data loss, received suspicious account activity, or believe you may have been compromised, contact our incident response team immediately rather than relying on a self-assessment.
Ready For A Professional Assessment?
Our security team offers a free 30-minute consultation to discuss your audit results and recommend the right level of support for your situation.