Why Your NDIS Code of Conduct Policy Matters More Than Ever
Every NDIS provider — regardless of whether you deliver Supported Independent Living (SIL), SDA, or community access — must have a documented code of conduct policy that translates the NDIS Code of Conduct into operational obligations for workers and contractors. This is not optional. The NDIS Commission can and does use the absence of, or non-compliance with, a code of conduct policy as grounds for compliance action.
With the strengthened NDIS Practice Standards now progressively applying to registered providers, the bar for documentary evidence has risen. Auditors appointed by the NDIS Commission are checking not just that a policy exists, but that it is current, understood by workers, and embedded in induction, supervision, and complaint-handling processes.
What the NDIS Code of Conduct Requires Providers to Document
The NDIS Code of Conduct (established under the National Disability Insurance Scheme (Code of Conduct) Rules 2018) sets out seven obligations that apply to providers and workers. Your policy must translate each of these into concrete, operational language:
- Acting with respect for individual rights to freedom of expression, self-determination, and decision-making.
- Respecting the privacy of people with disability.
- Providing supports and services in a safe and competent manner, with care and skill.
- Acting with integrity, honesty, and transparency.
- Promptly taking steps to raise and act on concerns about matters that might have an impact on the quality and safety of supports.
- Taking all reasonable steps to prevent and respond to all forms of violence, exploitation, neglect, and abuse.
- Taking all reasonable steps to prevent and respond to sexual misconduct.
In addition, your policy should reference your obligations under the NDIS Practice Standards (particularly the Rights and Responsibilities and Governance and Operational Management core modules), your worker screening requirements, and your complaints and incident management systems. A code of conduct policy that exists in isolation — without links to these interconnected obligations — will likely draw non-conformance findings at audit.
Free Templates: When They Work and When They Fall Short
A number of state and territory peak bodies, disability advocacy organisations, and government-adjacent websites publish free NDIS code of conduct policy templates. These have genuine value as starting points.
Strengths of free templates
- Cover the seven Code of Conduct obligations in plain language.
- Provide a document structure (purpose, scope, definitions, obligations, breach procedure) that auditors recognise.
- Suitable for sole traders, micro-providers, or providers in very early registration stages.
Common gaps in free templates
- Not updated for the strengthened Practice Standards: The 2024–2026 rolling implementation of the strengthened standards introduced tighter requirements around supported decision-making and person-centred practice. Many free templates predate this and do not reflect current expectations.
- No version control or review dates: Auditors look for evidence that policies are actively maintained. A template with no review date, no version number, and no approval signature fails this test.
- Missing worker screening integration: Your code of conduct policy should cross-reference NDIS Worker Screening Check requirements and what action is taken when a clearance lapses or a reportable incident is raised against a worker.
- Generic breach procedures: Free templates often describe a generic "disciplinary action may be taken" clause, without specifying escalation pathways, timeframes, or who holds decision-making authority — all of which auditors probe.
- No linkage to your complaint and incident management systems: The Practice Standards require integration across your quality management system; a standalone policy document does not demonstrate this.
Paid Templates: What You Get for the Investment
Paid NDIS code of conduct policy templates — typically offered by compliance consultancies, disability sector law firms, or specialist document publishers — address most of the gaps outlined above. A credible paid template should include:
- Version control fields, review schedule, and board or management approval signature block.
- Definitions section aligned to the NDIS Act 2013 and associated rules.
- Cross-references to your complaints policy, incident management policy, worker screening procedure, and whistleblower protection framework.
- A breach investigation procedure with defined roles, timelines, and escalation triggers (including mandatory reporting to the NDIS Commission).
- Alignment with the strengthened Practice Standards as they have been progressively gazetted.
- A worker acknowledgement form suitable for inclusion in personnel files.
For SIL providers, who operate under the more intensive SIL-specific Practice Standards module covering overnight support, behaviour support, and restrictive practices oversight, a paid template that includes SIL-specific obligations is worth the additional cost.
Pricing for standalone paid templates in the Australian disability sector typically ranges from modest one-off fees to annual subscription models that include updates when standards change. Before purchasing, confirm the template was last reviewed after the most recent tranche of strengthened standards took effect and that the supplier can demonstrate this.
Compliance Consultants: When to Bring in External Expertise
A compliance consultant does not just hand you a document — they assess your existing policies, identify gaps against the current audit framework, and produce a suite of interlocking documents that function as a system. This is most appropriate when:
- You are approaching your first registration audit or a re-verification audit and have never been through the process.
- You have received a non-conformance finding related to governance or worker conduct in a previous audit cycle.
- Your organisation delivers complex, high-risk supports (SIL with behaviours of concern, use of restrictive practices, forensic disability services).
- You are scaling rapidly and your existing policies have not kept pace with your workforce size or service model.
- You lack an internal compliance officer with current knowledge of NDIS Commission audit methodology.
A consultant will typically produce a code of conduct policy embedded within a broader policy suite — aligned with each applicable Practice Standards module — and will often provide evidence templates (sign-off sheets, training registers, acknowledgement logs) that directly respond to what auditors request during a site audit.
The cost is higher than a paid template, but the risk-adjusted value for SIL providers facing a mid-term audit is significant. A single non-conformance finding can trigger a corrective action plan with a fixed remediation window; a major non-conformance can delay or restrict registration.
A Practical Comparison
| Factor | Free Template | Paid Template | Consultant |
|---|---|---|---|
| Upfront cost | Nil | Low to moderate | Moderate to high |
| Audit-readiness out of the box | Partial | Good | High |
| Alignment to 2026 strengthened standards | Often outdated | Check supplier | Yes (if reputable) |
| SIL-specific content | Rarely | Sometimes | Yes (tailored) |
| Version control and review schedule | Rarely included | Usually included | Always included |
| Worker acknowledgement form | Rarely | Often | Always |
| Integration across policy suite | No | Partial | Yes |
| Best suited to | Micro-providers, early stage | Small-medium providers | SIL, complex supports, audit-due |
Minimum Content Requirements for Any Template You Use
Regardless of source, before you adopt or adapt any code of conduct policy template, check it contains all of the following:
- A clear purpose statement referencing the NDIS Code of Conduct and the NDIS Act 2013.
- Scope — who the policy applies to (employees, contractors, volunteers, students on placement).
- The seven Code of Conduct obligations, restated in your organisation's operational language.
- A definitions clause aligned to current legislative terminology.
- A breach and investigation procedure with defined roles and escalation timeframes.
- A mandatory reporting section (what must be reported to the NDIS Commission, by whom, and when).
- Cross-references to your complaints policy, incident management policy, and worker screening procedure.
- A version number, effective date, scheduled review date, and approving authority signature.
- A worker acknowledgement section or separate sign-off form for personnel files.
Keeping Your Policy Current
Purchasing or downloading a template is not a one-off task. The NDIS Practice Standards are subject to ongoing review and the strengthened framework continues to be implemented in stages. You should schedule a policy review at least annually, and also trigger an unscheduled review after any of the following: a change to the Code of Conduct Rules or Practice Standards, a non-conformance finding at audit, a significant incident involving worker conduct, or a material change to your service model.
Providers looking for an integrated approach — where the code of conduct policy sits within a complete, audit-indexed document set — may find it useful to explore a pre-built compliance kit. The 74-document audit-ready SIL compliance kit available through ndiscompliant.com.au is one option designed specifically for this purpose, covering all core and supplementary modules relevant to SIL registration.
Important: This article provides general guidance about NDIS compliance requirements. It is not legal or professional advice. Requirements may change as the NDIS Commission updates its policies and Practice Standards. Always verify current requirements with the NDIS Quality and Safeguards Commission or a registered NDIS consultant before making compliance decisions.