NDIS Practice Standards Compliance Checklist for Australian Providers
Compliance
March 9, 2026
Why regulated care providers must move beyond audit cycles and build real-time compliance systems.
If you're a registered NDIS provider, you're required to meet the NDIS Practice Standards — a set of quality and safety requirements enforced by the NDIS Quality and Safeguards Commission. These standards apply to all registered providers delivering supports to NDIS participants.
The challenge? The Practice Standards are extensive, covering everything from governance and risk management to incident handling and worker screening. Many providers — especially those managing compliance alongside day-to-day service delivery — struggle to keep track of what's required.
This checklist breaks it down into actionable items you can work through systematically.
Understanding the NDIS Practice Standards Structure
The NDIS Practice Standards are organised into core modules (applicable to all registered providers) and supplementary modules (applicable to specific registration groups). Here's the core structure:
Core Module 1: Rights and Responsibilities
Ensuring participants' rights are upheld, including choice and control, privacy, dignity, and freedom from violence and abuse.
Core Module 2: Governance and Operational Management
Sound governance, financial management, risk management, and quality assurance systems.
Core Module 3: Provision of Supports
Person-centred support planning, delivery, transitions, and continuity of care.
Core Module 4: Support Provision Environment
Safe, accessible environments for support delivery.
Supplementary modules cover specific areas like high-intensity daily personal activities, specialist behaviour support, early childhood supports, and specialist disability accommodation (SDA).
Your audit scope depends on your registration groups. Check your registration to confirm which modules apply to you.
Checklist: Rights and Responsibilities
☐ Person-centred approach documented — Service agreements reflect participant goals, preferences, and choices
☐ Privacy policy in place — Covers collection, storage, use, and disclosure of personal information (aligned with the Privacy Act 1988)
☐ Consent processes documented — Informed consent obtained for all supports, with evidence of how consent was gathered
☐ Complaints management system — Accessible process for participants to raise complaints, with documented resolution procedures and timeframes
☐ Advocacy information provided — Participants are informed about independent advocacy services
☐ Violence, abuse, neglect and exploitation prevention — Policies, training, and incident response procedures in place
☐ Restrictive practices governance — If applicable: authorisation processes, behaviour support plans, reporting to the Commission, and regular review
☐ Cultural safety — Policies and practices that respect the cultural and linguistic diversity of participants, including Aboriginal and Torres Strait Islander peoples
Checklist: Governance and Operational Management
☐ Governance framework documented — Clear organisational structure, defined roles and responsibilities, board/management oversight of quality and safety
☐ Risk management framework — Risk register maintained, regular risk assessments conducted, risk mitigation strategies in place and reviewed
☐ Quality management system — Continuous improvement plan, regular internal audits, data collection and analysis of quality indicators
☐ Financial management — Sound financial practices, participant funds managed transparently, financial reporting up to date
☐ Human resource management — Worker screening (NDIS Worker Screening Check) for all workers in risk-assessed roles, ongoing training and professional development
☐ Information management — Secure systems for record keeping, data protection, and information sharing. Records retained for minimum 7 years.
☐ Incident management system — Reportable incidents identified and reported to the Commission within required timeframes. Root cause analysis and corrective actions documented.
☐ Feedback and complaints data analysed — Trends identified and used to drive improvement
☐ Business continuity plan — Documented plan for maintaining service delivery during disruptions
Checklist: Provision of Supports
☐ Support plans in place for all participants — Individualised, goal-oriented, reviewed regularly (at least annually or when circumstances change)
☐ Assessment processes documented — Needs assessments conducted by qualified staff, documented, and used to inform support planning
☐ Progress monitoring — Regular review of participant progress toward goals, with evidence of adjustments when needed
☐ Transitions managed — When a participant enters, exits, or transitions between services, there is a documented process to ensure continuity and safety
☐ Medication management (if applicable) — Policies and procedures for safe administration, storage, and documentation of medications
☐ Mealtime management (if applicable) — Mealtime plans developed by qualified professionals for participants with swallowing difficulties
☐ Collaboration with other providers — Evidence of coordination with other services involved in the participant's care
☐ Worker competency — Staff have the qualifications, skills, and training appropriate to the supports they deliver
Checklist: Support Provision Environment
☐ WHS compliance — Work health and safety policies and procedures in place, regular hazard assessments conducted
☐ Safe environments — Physical environments are safe, accessible, and appropriate for the supports being delivered
☐ Emergency and disaster management — Emergency plans in place, staff trained, regular drills conducted and documented
☐ Equipment and assistive technology — Maintained, fit for purpose, and used in accordance with manufacturer guidelines and participant needs
☐ Infection prevention and control — Policies in place, PPE available, staff trained, outbreak management procedures documented
For Specialist Disability Accommodation (SDA) providers:
☐ Design requirements met as per SDA Design Standard
☐ Accessibility features maintained and functional
☐ Participant involvement in decisions about their living environment
What Auditors Actually Look For
Having policies on a shelf isn't enough. Here's what NDIS auditors really want to see:
Evidence of implementation. Your policies need to be reflected in practice. Auditors will ask staff how they handle specific scenarios and compare answers against your documented procedures. Consistency matters.
Staff awareness. Frontline workers should be able to explain key policies — incident reporting, complaints, restrictive practices, privacy. If staff can't articulate the basics, that's a finding.
Participant feedback. Auditors will speak with participants and their families. They want to hear that people feel safe, respected, and involved in decisions about their supports.
Continuous improvement evidence. Can you show that you've identified issues, taken action, and measured whether the action worked? A quality improvement register or log is essential.
Timeliness of incident reporting. The Commission can check whether your reportable incidents were submitted within the required timeframes. Late reporting is a common finding.
Worker screening compliance. Every worker in a risk-assessed role must have a current NDIS Worker Screening Check. Auditors will cross-reference your staff records against screening databases.
How Willow Helps NDIS Providers Stay Compliant
Willow is built for Australian healthcare and disability providers who need to manage compliance across multiple frameworks — including the NDIS Practice Standards.
Framework mapping. Willow maps your existing policies, procedures, and evidence against every NDIS Practice Standard requirement, showing you exactly where you're compliant and where gaps exist.
Evidence centralisation. Pull evidence from your existing systems — HR, rostering, incident management, clinical records — into one place. No more hunting through folders and spreadsheets before an audit.
Incident management. Log, track, and report incidents with built-in deadline tracking and escalation alerts. Generate trend reports that demonstrate your continuous improvement cycle.
Worker screening tracking. Monitor screening check expiry dates and receive alerts before they lapse.
Multi-framework support. If you're also an aged care provider, Willow covers the strengthened ACQS alongside NDIS — in the same platform. No double-handling of evidence that applies to both frameworks.
Compliance should be a system, not a scramble. Willow turns it into one.
Book a 20-minute demo to see how Willow works for NDIS providers.
Written by
James Driscoll
Writer
Latest Articles & Guides
Stay informed with the latest guides and news.
Ready to Move From Reactive to Continuous Compliance?
See how Willow supports structured governance, real-time monitoring, and audit-ready operations.