How often do SIL providers in QLD need to be audited?

Registered NDIS providers are audited at each registration renewal, which occurs on a cycle set by the NDIS Commission — typically every three years, though the Commission may require an audit sooner if concerns arise. SIL providers on the certification pathway are subject to a mid-term audit between renewal cycles as well.

What is the difference between a certification audit and a verification audit for QLD providers?

A certification audit is required for higher-risk support types including SIL, involves both a desktop document review and an on-site visit by an approved quality auditor, and covers all applicable NDIS Practice Standards modules. A verification audit is document-based only, with no site visit, and is used for lower-risk registration groups.

Do workers in QLD SIL houses need an NDIS Worker Screening Check or a Queensland Blue Card?

Workers in risk-assessed roles delivering NDIS supports in QLD require an NDIS Worker Screening Check clearance. The NDIS Worker Screening Check has replaced the need for a separate Working with Children Blue Card for work in NDIS contexts in most circumstances, but providers should confirm requirements for their specific worker cohort, particularly where workers also support children.

What happens if a restrictive practice is used without proper authorisation in QLD?

Using a regulated restrictive practice without a current, Commission-registered behaviour support plan and the required state-based authorisation in QLD is a serious non-conformance and may constitute a reportable incident. The NDIS Commission can take regulatory action, including conditions on registration or suspension, and the matter may also engage state-based disability and guardianship legislation.

Can QLD providers appeal an NDIS audit finding?

Yes. Providers who disagree with an audit outcome or a Commission decision made on the basis of audit findings can seek internal review by the NDIS Commission and, where unsatisfied, apply to the Administrative Review Tribunal (formerly the AAT) for external merits review. It is advisable to seek legal advice before lodging a review application.

How long before our registration renewal should we start preparing for an NDIS audit?

Most experienced SIL providers in QLD begin audit preparation at least six to twelve months before their registration renewal date. This allows time to conduct a gap analysis, address non-conformances, book an approved quality auditor (who may have a waiting list), and complete a mock review before the formal audit.

NDIS Audit Preparation in QLD (2026 Guide)

What the 2026 Strengthened Framework Means for QLD Providers

The NDIS Commission's strengthened Quality and Safeguarding Framework, progressively rolled out from late 2024 and fully effective across registration renewals in 2026, has raised the bar for all registered NDIS providers in Queensland. The changes affect how auditors assess governance, incident management, worker screening, and — most significantly for SIL providers — behaviour support and restrictive practice authorisation.

Queensland was already operating under a state-based NDIS transition, and providers in QLD must meet both the NDIS Practice Standards and any remaining Queensland Health or disability-specific requirements that operate concurrently. If your registration is up for renewal in 2026, preparing systematically — not last-minute — is the only reliable path to a conformant outcome.

Who Needs an NDIS Audit in Queensland

Every registered NDIS provider in QLD is subject to audit. The type and intensity depend on your registration group:

Certification audit — required for higher-risk supports, including SIL (support item 01_017 and related group-home supports), specialist behaviour support, plan management, and early childhood supports. Certification involves a full desktop review plus an on-site visit by an approved quality auditor.
Verification audit — required for lower-risk, lower-complexity supports. This is a document-based review only, with no site visit required.

SIL providers almost universally fall under the certification pathway. If you deliver 24/7 support in a shared or individual living arrangement, expect a comprehensive on-site audit that includes interviews with participants, support workers, and management.

The NDIS Practice Standards: What Auditors Check

Approved quality auditors assess providers against the NDIS Practice Standards, which are organised into a core module and supplementary modules. For SIL providers, the relevant modules typically include:

Core Module — rights and responsibilities, governance, operational management, the provision of supports, and support planning
Module 2: Specialist Support — high-intensity daily personal activities
Module 3: Implementing Behaviour Support Plans — if restrictive practices are used
Module 4: Early Childhood Supports — if applicable

Under the strengthened standards, auditors place heightened weight on demonstrated outcomes for participants, not just the existence of policies. A policy binder is not sufficient evidence. Auditors want to see that systems are genuinely embedded in daily practice.

Step-by-Step: How to Prepare for Your QLD NDIS Audit

Confirm your audit type and registration groups
Log in to the myNDIS provider portal and verify which registration groups and support purposes are attached to your registration. This determines which Practice Standards modules apply and whether you face certification or verification.
Appoint an approved quality auditor early
The NDIS Commission publishes a list of approved quality auditors on its website. Contact at least two or three auditors well in advance of your renewal date. Audit slots fill quickly, particularly for QLD-based SIL providers ahead of annual registration cycles.
Conduct an internal gap analysis
Map your current policies, procedures, and evidence against every standard and indicator in your applicable modules. Use the Practice Standards indicators as a line-by-line checklist. Identify where you have documented policies but weak operational evidence, and where you have neither.
Gather and organise your evidence portfolio
Auditors expect to see evidence that is current, accessible, and participant-specific. Typical evidence categories include:
- Current support plans and participant goal reviews
- Incident reports and outcomes (including escalation and review records)
- Worker screening clearances (NDIS Worker Screening Check for all workers in risk-assessed roles)
- Staff training records (Code of Conduct, mandatory reporting, restrictive practices, first aid)
- Complaints register and resolution records
- Behaviour support plans and NDIS Commission authorisation records for restrictive practices
- Governance documents: board or management meeting minutes, risk register, financial accountability records
Review your incident management system
Under the strengthened framework, the NDIS Commission has clarified and in some areas tightened reportable incident obligations. All SIL providers must have a documented incident management system, a clear classification guide, and evidence of timely reporting to the Commission where required. Review your last 12 months of incident data and confirm every reportable incident was lodged within the required timeframe.
Audit your restrictive practice records
In QLD, the use of regulated restrictive practices requires both an NDIS behaviour support plan prepared by a registered specialist, and state-based authorisation. Confirm that every participant for whom a restrictive practice is used has a current, NDIS Commission-registered plan, and that your reporting to the Commission is complete and up to date.
Prepare your team for interviews
During a certification audit site visit, auditors will speak directly with support workers and, where appropriate and consented to, with participants. Prepare your workforce by running through the Code of Conduct obligations, the rights of participants, your complaints process, and how incidents are reported. Workers should be able to describe these in plain language without prompting from management.
Run a pre-audit mock review
At least four to six weeks before your scheduled audit, conduct an internal mock audit. Assign someone outside your daily management role to challenge your evidence portfolio against the Practice Standards indicators. Document findings and resolve any non-conformances before the auditor arrives.

Common Non-Conformances Found in QLD SIL Audits

Based on patterns in NDIS Commission audit outcome data and publicly available regulatory guidance, QLD SIL providers most commonly receive non-conformances in the following areas:

Area	Common Finding	How to Address It
Worker screening	Workers in risk-assessed roles without a current NDIS Worker Screening clearance	Maintain a live register of all clearance expiry dates; do not permit commencement until clearance is confirmed
Support planning	Support plans not reviewed within agreed timeframes or not reflecting participant goals	Implement a scheduled review calendar; document participant consent and involvement in each review
Incident management	Incidents recorded internally but not reported to the NDIS Commission where required	Train all supervisors on the reportable incident categories; assign a designated person to check the register weekly
Restrictive practices	Practices being used without a current behaviour support plan or without state authorisation	Engage a registered specialist; audit all active plans for currency and authorisation status before the audit date
Complaints handling	Complaints register incomplete or resolutions not documented	Standardise your complaints intake form; require a documented outcome for every complaint within your policy timeframe

A Policy Excerpt: Sample Incident Classification Language

The following is a realistic example of the type of language an NDIS Commission auditor expects to find in a compliant incident management policy. This is illustrative only — adapt it to your organisation's specific context and legal advice:

Incident Classification — Reportable vs Non-Reportable

All staff are required to report incidents to their direct supervisor within four hours of the incident occurring or being discovered. The supervisor will classify the incident using the NDIS Commission's reportable incident categories, which include: the death of a participant; serious injury; abuse or neglect; unlawful sexual or physical contact; use of a restrictive practice not in accordance with an authorised behaviour support plan; and missing persons.

Where an incident meets the definition of a reportable incident, the Compliance Officer will lodge a report via the NDIS Commission online portal within 24 hours of the organisation becoming aware. A five-day follow-up report will be submitted as required. All incidents, regardless of whether reportable, are recorded in the organisation's incident register and reviewed at monthly management meetings.

Getting Audit-Ready: Documentation Toolkit

Pulling together compliant policies, templates, and evidence frameworks from scratch is one of the most time-consuming aspects of audit preparation. Providers who are time-poor or approaching their first certification audit often find that starting from a structured document set significantly reduces preparation time and reduces the risk of policy gaps. The team at ndiscompliant.com.au offers a 74-document audit-ready SIL compliance kit designed specifically for providers operating under the current and strengthened NDIS Practice Standards — including policies, registers, and evidence templates that map directly to Practice Standard indicators.

Whether you use an off-the-shelf kit or build from scratch, the key is to ensure every document is tailored to your actual operations rather than treated as a generic template.

After the Audit: Managing Non-Conformances

If your audit results in a non-conformance finding, the NDIS Commission will typically set a timeframe within which you must provide evidence of remediation. Minor non-conformances may carry a longer timeframe; major non-conformances require urgent action and may affect your registration status. Respond promptly, provide specific evidence of corrective action, and document what systemic changes you have made to prevent recurrence.

Important: This article provides general guidance about NDIS compliance requirements. It is not legal or professional advice. Requirements may change as the NDIS Commission updates its policies and Practice Standards. Always verify current requirements with the NDIS Quality and Safeguards Commission or a registered NDIS consultant before making compliance decisions.