The National Disability Insurance Scheme (NDIS) Practice Standards and Quality Indicators outline the expectations and requirements for registered providers to deliver services and supports to participants. An NDIS audit checklist is an essential tool to systematically review your compliance with necessary standards and ensure a successful audit. Maintaining compliance and thoroughly preparing for audit are critical for ensuring quality service delivery and adherence to legal obligations.
What is in the NDIS Audit Process?
NDIS audits involve an Approved Quality Auditor (AQA) assessing you against the relevant NDIS Practice Standards. The type of audit you need will depend on the supports and services you provide to NDIS participants. You can choose the AQA of your choice. When engaging with an AQA, you will be required to sign a service agreement, and they will determine your audit scope and determine the type of audit you require. The AQA will then connect you with an auditor who will make contact with you to commence the audit process.
Tips for Working with NDIS Auditors
- Be Prepared: The auditor will provide you with a detailed audit plan, use the time prior to the audit to complete a mini internal audit to check against the audit scope and organise your evidence. This preparation is crucial for ensuring a successful audit.
- Be Transparent and Communicate: Provide auditors with clear, accurate information and documentation.
- Demonstrate Compliance: Highlight how your policies and practices align with NDIS Practice Standards.
- Address Findings: Promptly address any issues or recommendations raised during the audit.
Understanding the NDIS Practice Standards
- Familiarise the NDIS Practice Standards: Thoroughly review the NDIS Practice Standards, focusing on the core modules relevant to your disability services.
- Interpret Guidance Materials: Utilise resources such as the NDIS Practice Standards Guidance for Providers to understand specific requirements and evidence expectations.
- Stay Updated: Keep abreast of changes to NDIS standards or policies to ensure continuous compliance.
Audits Types and What They Mean
Verification Audit:
Verification audits are completed for providers delivering low-risk supports to the NDIS Participants. A remote desktop audit is conducted to review that systems are in place to meet the Verification Module. This is conducted every 3 years. This is a remote audit. Both verification and certification audits are essential for ensuring compliance with NDIS standards.
Certification Audit (Stage 1 and Stage 2):
Certification audits are divided into Stage 1 and Stage 2.
Stage 1
The Stage 1 Audit is a high-level document review of the providers system, including policies, procedures, forms and key personnel information. The Stage 1 audit is to confirm that systems are in place to meet the requirements of the NDIS Practice Standards to then proceed to the Stage 2 audit. The audit is generally conducted remotely, however providers can request to the AQA to have the audit onsite.
Stage 2
The Stage 2 Audit is an onsite audit and is an assessment of the implementation of the system (policies, procedures, forms, registers, handbooks) against the NDIS Practice Standards. The Stage 2 audit will include interviews with key personnel, workers and participants, review of participant and worker files, and a more in-depth look at the providers documentation. The onsite component will include Head Office, SIL sites, SDA sites and any other office locations. Sampling numbers for workers, participants and sites are determined by the AQA using a formula.
Provisional Audit
A Provisional Audit is completed where a provider has not yet commenced active service delivery, and generally applies to a new provider entering the market. A provider may also go through a provisional renewal audit, where they have yet to commence service delivery.With a provisional audit the Stage 1 and the Stage 2 audit is conducted simultaneously (no service delivery witnessing). The provisional audit will assess compliance to the NDIS Practice Standards focusing on the “intent” of the provider to commence service delivery to participants. The audit is completed onsite.
Midterm Audit
The mid-term audit is a requirement for certified providers that are registered to provide higher risk and more complex supports. It occurs mid registration cycle and must be commenced within 12-18 months from the date of registration. The audit will be focused on Division 2: Governance and Operational Management and also including onsite site visits, participant and worker sampling. Risk assessments are a crucial part of this audit to ensure that potential risks are identified and mitigated.
Condition of Registration Audit
The NDIS Commission may impose a condition on a provider’s registration for an additional audit to assess the remaining elements of certification. This condition will be imposed where the previous audit was not able to witness active service delivery and implementation. The Commission will advise the timeframes for completion of the audit within the Condition of Registration. These timeframes vary from 3 – 18 months. The timeframe will be outlined on your certificate of registration. The onsite component will include Head Office, SIL sites, SDA sites and any other office locations. Sampling numbers for worker, participants and sites are determined by the AQA using a formula. Only active registration groups will be a part of sampling.
Scope Extension Audit
This audit can be conducted at any time during the period of your registration to add on additional registration groups or modules that you would like to add to the services that you currently are registered to provide. You will also need to complete an Application for Variation of Registration Form and lodge with the NDIS Commission (this form is sent in after you have completed an audit with an AQA). This audit will be onsite.
Modified RAC Audit Audits
The modified NDIS RAC audit pathway applies only for transitioned RAC providers who are providing daily accommodation and care/support for an NDIS participant in their facility under class of support 15, or RAC providers applying to do so after 1 December 2020. The modified NDIS RAC audit provides a pathway for an eligible RAC provider to be assessed against the NDIS Practice Standards through a review by an approved quality auditor of their most recent audit against the Aged Care Standards undertaken by the Aged Care Quality and Safety Commission (‘ACQSC’). This audit will be onsite.
Corrective Action Audits
The audit is completed within 3 months of the audit where either major or multiple minor non-conformances were raised. The non-conformances need to be either down graded or closed for the recommendation to be made to the commission for registration. Recommendation cannot be made with any major non-conformances. Recommendation can be made with less than 3 minor non-conformances.
Audit Preparation Steps
- Gap Analysis: Conduct a pre-audit self-assessment to identify areas of non-conformance.
- Document Readiness: Compile all required documentation, including policies, procedures, worker qualifications, and participant records.
- Worker and Participant Engagement: Inform workers and participants about the audit process and their potential involvement as an NDIS provider.
- Mock Audits: Simulate an audit to test your readiness and refine any weak areas.
Using Technology to Streamline Audit Preparation
- Consider an NDIS software solution that automates record-keeping and compliance.
- Software that monitors, tracks, and securely stores participant, worker, and business data will be instrumental in making the audit process smooth and stress-free. These tools can help ensure compliance with the guidelines set by the National Disability Insurance Agency.
- Invest in a complete NDIS organisational platform to keep track of evidence and improve operations.
How to Maintain Compliance and Avoid Non-Conformances
- NDIS providers should have current policies and procedures in place to address the NDIS Practice Standards for the registration groups and modules that you will be audited on.
- Know and have an understanding what is in the polices and procedures and ensure that workers are aware of and have a copy or access to the policies and procedures.
- Know the NDIS Practice Standards and the Quality Indicators that you are seeking registration for.
- Use NDIS Audit Checklists, Provider+ has these available for use. Go through each of the indicators and document what evidence there is against each indicator ie: policy, register, process. If you cannot locate a document or have evidence to provide at audit, you may end up with a non-conformance. The type of non-conformance either Major or minor will depend on the level of risk and the missing evidence.
- Ensure documents are signed and dated if required.
- Educate, train and provide support to all levels within the organisation to assist their level of understanding of compliance and outline their responsibilities. You must be able to provide evidence that training has been completed. This can be on a register or certificates within the worker file.
- Complete documentation, even if the audit is provisional. The only documentation that should be as a template for provisional audits are complaints and incident registers and participant documentation. The auditor needs to see that if a participant was to engage with your service tomorrow that all essential documents are completed and meet the outcomes of the indicators and you are ready to commence active service delivery.
- Complete an internal audit and have evidence that this has been completed.
- Have Proactive Risk Management in place to identify and mitigate risks through robust planning and monitoring.
- Link complaints, incidents, meetings and internal audits to the Continuous Improvement Register.
- Have your documentation in order and know where to find documents when requested. Be organised!
- Have an understanding of the rules that apply to the services that are provided such as the NDIS (Incident Management and Reportable Incident) Rules 2018.
- Have evidence of compliance with worker screening, have the required qualifications of worker (that maybe required for some registration groups), worker training records, onboarding of worker process, onboarding of participants.
- Have evidence of meeting minutes, collaboration, feedback, in a folder.
- Maintain open communication with participants to ensure services meet their expectations and needs. Participant Support Plans need to be person centred and align with their goals.
By embedding compliance into daily operations, staying prepared for audits, and addressing non-conformances proactively, NDIS service providers can ensure they meet and exceed the expectations of the NDIS Practice Standards.