Analytics and cookies

We use analytics cookies to understand which pages and calls to action are working. You can accept or decline non-essential tracking.

Essential site functionality continues either way. You can review the details in our Privacy Policy.

Complynce

NDIS

NDIS Audit Readiness Checklist

A practical NDIS audit readiness checklist for provider profile, Practice Standards, participants, workforce, incidents, complaints, risk and evidence.

10 min read | 2026-05-14

Start with audit scope

NDIS audit readiness starts with scope. A provider should know whether the audit relates to verification, certification, registration renewal, a changed registration group, a regulator request or an internal governance review.

Without clear scope, teams often collect too much evidence in some areas and miss high-risk records in others.

  • Confirm registered or unregistered status.
  • List registration groups and services delivered.
  • Identify applicable Practice Standards modules.
  • Record locations, key personnel and responsible managers.
  • Confirm whether SDA, behaviour support, restrictive practices, plan management or high intensity supports apply.

Evidence that should be ready before the audit

Auditors and internal reviewers need to see that the provider has systems in place and that those systems are actually used. A policy is useful, but the matching register, records, reviews and corrective actions are what show implementation.

  • Current provider registration and registration group evidence.
  • Policies for complaints, incidents, privacy, safeguarding, worker screening, risk and continuous improvement.
  • Worker screening register, training matrix and competency records.
  • Participant sample files with service agreements, plans, consents, risk assessments and review notes.
  • Incident and complaint registers with investigation outcomes and improvement actions.
  • Risk register, improvement register and management review records.

Common audit gaps

The common failures are rarely dramatic. They are usually small evidence breaks repeated across many records: no owner, no review date, no link to an obligation, expired screening, missing participant consent, or a complaint that was resolved but never converted into an improvement.

  • Evidence uploaded but not linked to a Practice Standard or obligation.
  • Participant files missing service agreement or consent evidence.
  • Worker records missing screening expiry, induction or Code of Conduct acknowledgement.
  • Incidents closed without root cause, participant communication or corrective action.
  • Complaints resolved informally but not logged.
  • Policy reviews overdue or missing approval history.

How to make audit readiness sustainable

The strongest providers do not prepare for audit only when the audit date arrives. They keep a live evidence position throughout the year. That means every incident, complaint, worker update, participant review and policy change feeds the audit trail as it happens.

  • Assign an owner and review cycle to every major compliance record.
  • Use alerts for expiring worker screening, policies, participant plans and corrective actions.
  • Review evidence gaps monthly.
  • Export an internal audit pack quarterly.
  • Track lessons from incidents and complaints in a continuous improvement register.

Next step

Want to see this inside an NDIS provider workspace?

Book a short walkthrough and we will map the guide to provider profile, Practice Standards, participant files, worker screening, incidents, complaints and audit-ready exports.

Book an NDIS demoExplore NDIS module

Related Reading

NDIS audit readiness template

Use the matching template to structure an audit evidence review.

Open guide →

Best NDIS compliance software Australia

Compare the systems providers use to manage NDIS audit readiness.

Open guide →