What is the difference between a corrective action and a preventive action in an NDIS CAP?

A corrective action fixes the specific gap that was found — for example, completing overdue risk assessments. A preventive action changes the underlying system so the gap cannot recur — for example, adding an automated reminder to the quality calendar and embedding the check in a monthly compliance checklist. Both are required for a CAP to satisfy the NDIS Practice Standards continuous improvement outcome.

Does the NDIS Commission have a standard corrective action plan template?

No. The NDIS Commission does not prescribe a fixed template. Approved quality auditors may supply their own format, or providers may use their own, provided it captures the key elements: non-conformance description, root cause, specific actions, responsible person, target date, and verifiable evidence of completion.

Can a corrective action plan be rejected by an auditor?

Yes. Auditors can assess a submitted CAP as insufficient if the actions are vague, the root cause is missing, no evidence of completion is specified, or the plan does not address systemic prevention. In that case the auditor will require a revised CAP before the non-conformance can be marked as resolved.

Do SIL providers face stricter corrective action requirements than other NDIS providers?

SIL providers are subject to certification audit (not just verification), which involves a more detailed assessment against the Core and relevant Supplementary Practice Standards. Because SIL involves 24-hour living support, auditors scrutinise environmental safety, incident management, and restrictive practices more closely, making a well-maintained CAP register particularly important.

How many corrective action plans should we expect from a typical certification audit?

This varies considerably by organisation size, preparation, and how recently internal audits have been conducted. A well-prepared SIL provider might receive zero to three minor non-conformances. Providers who have not conducted internal audits or who lack documented policies in key areas may receive more. The presence of CAPs is not inherently a negative signal — auditors look at how well they are managed and closed.

NDIS Corrective Action Plan: A Worked Example

Q: How long do we have to submit a corrective action plan after an NDIS audit finding?

The timeframe is agreed with your approved quality auditor and depends on whether the finding is a minor or major non-conformance. Minor non-conformances typically allow 30 to 90 days. Major non-conformances may require evidence of corrective action before the auditor can recommend certification. Check the audit report for the specific deadline — missing it can delay your registration outcome.

What is an NDIS corrective action plan?

A corrective action plan (CAP) is a structured document a registered NDIS provider completes when a non-conformance is identified — whether through an internal audit, a complaint investigation, an incident review, or an external audit conducted by an approved quality auditor against the NDIS Practice Standards. The plan records what went wrong, why it happened, and exactly how the provider will fix it and stop it recurring.

Under the NDIS (Providers — Registration and Practice Standards) Rules, registered providers must operate a continuous improvement system. A properly completed CAP is the primary evidence that your organisation takes that obligation seriously. Auditors — and the NDIS Quality and Safeguards Commission — will look for CAPs that are specific, time-bound, and closed out with verifiable evidence.

When must a corrective action plan be raised?

A CAP is required in any of the following situations:

An approved quality auditor identifies a non-conformance against one or more Practice Standards during a certification or verification audit.
An internal audit or mock audit surfaces a gap against your own policies or the Practice Standards.
A complaint or serious incident investigation reveals a systemic failure — not just a one-off event.
The NDIS Commission issues a compliance notice or requests a remediation response.
A restrictive practices review finds that an unauthorised strategy has been used.

Minor non-conformances identified during an audit typically require a CAP to be submitted to the auditor within an agreed timeframe (often 30 to 90 days). Major non-conformances may require evidence of corrective action before a certification decision is made.

What an NDIS corrective action plan must contain

The NDIS Commission does not prescribe a fixed template, but auditors consistently expect all of the following fields to be present and completed:

Non-conformance reference: Link to the Practice Standard clause, your own policy clause, or the incident/complaint reference number.
Description of the non-conformance: A factual, specific statement of what was found — not vague language like "staff training needs improvement."
Root cause analysis: The underlying reason the gap exists (not just the symptom). Common root causes include: inadequate induction, absent or outdated policy, unclear accountability, or ineffective supervision.
Corrective action(s) required: The specific steps that will fix the gap. Each action should be discrete and verifiable.
Preventive measure: What systemic change will stop the same issue recurring (e.g., a new check in an onboarding checklist, a scheduled policy review cycle).
Person responsible: Named individual, not a job title alone.
Target completion date: Realistic and proportionate to the severity of the non-conformance.
Evidence of completion: What document, record, or observable change will prove the action is done.
Status: Open / In progress / Closed.
Verified by: Quality Manager or equivalent, with date of sign-off.

Worked example: SIL provider corrective action plan

The following is a realistic, representative worked example for a Supported Independent Living provider. Names and details are illustrative only.

Field	Content
Provider name	Sunridge SIL Services Pty Ltd
Date raised	12 May 2026
CAP reference	CAP-2026-007
Audit / source	Certification audit — Module 2A (Household Tasks, Daily Living), finding #3
Practice Standard clause	NDIS Practice Standards — Core Module: Support Provision Environment (Outcome 2.3)
Non-conformance description	Auditor found that three of five SIL houses inspected did not have a current, signed hazard identification and risk assessment for the common living areas. Two assessments were more than 18 months old with no evidence of review. Workers interviewed were unable to locate the documents during the site visit.
Severity	Minor non-conformance
Root cause	The existing policy required annual review of environmental risk assessments but assigned accountability to the "house team" without nominating an individual. No reminder system existed and the annual review step was absent from the house manager's monthly compliance checklist.
Corrective actions	1. Conduct a fresh hazard identification and risk assessment for all five SIL houses — complete by 26 May 2026. 2. Store signed assessments in the shared drive folder: Quality / Sites / [House Name] / Risk Assessments and link from each house's digital dashboard — complete by 26 May 2026. 3. Update the Environmental Risk Assessment Policy to assign accountability to the named House Manager for each site — complete by 2 June 2026. 4. Add "Environmental risk assessment — current and signed?" to the House Manager Monthly Compliance Checklist — complete by 2 June 2026. 5. Brief all House Managers on the updated policy and checklist requirement at the June team meeting — complete by 10 June 2026.
Preventive measure	Automated 60-day-ahead reminder added to the quality calendar for each house's annual risk assessment due date. Quality Manager to spot-check document currency during quarterly internal audits from Q3 2026 onward.
Person responsible	Jordan Reyes, Quality and Compliance Manager
Target completion date	10 June 2026
Evidence of completion	Signed risk assessment documents (PDF, date-stamped upload); updated policy version 3.1 with change log; updated checklist (version control screenshot); attendance record from June team meeting.
Status	Closed — 9 June 2026
Verified by	Sam Okafor, CEO — 9 June 2026

Common mistakes that get CAPs rejected

Auditors and the NDIS Commission regularly see corrective action plans that fail to close out non-conformances properly. The most frequent problems are:

Vague actions: "Staff will be retrained" is not acceptable. Name the training, who delivers it, how completion is recorded, and by when.
No root cause analysis: A CAP that goes straight from problem to fix without explaining why the gap occurred will not prevent recurrence.
Missing evidence: Promising to fix something is not evidence that it is fixed. Always specify the document, record, or observable change that proves completion.
Accountability to a role, not a person: "The team will..." diffuses responsibility. Name one individual.
Unrealistic dates: Dates that have already passed when the CAP is submitted, or target dates that push past the auditor's deadline, both raise concerns.
No preventive measure: A CAP that only fixes the immediate instance — without addressing the system failure that allowed it — will generate the same finding at the next audit cycle.

How corrective action plans fit the strengthened 2026 framework

The strengthened NDIS Practice Standards, which are progressively taking effect for the 2026 registration cycle, place increased emphasis on continuous improvement as an active, documented process rather than a passive aspiration. Providers applying for new registration or renewal can expect auditors to request evidence of a functioning CAP register — including both open and closed items — as part of demonstrating that their quality management system operates in practice, not just on paper.

SIL providers face additional scrutiny because the Module 2A standards for high-intensity daily personal activities and living support carry a higher inherent risk profile. A well-maintained CAP register that shows timely closure and genuine systemic change is one of the clearest signals an auditor can report to the Commission that a provider is managing risk responsibly.

If your organisation is building or reviewing its full audit-readiness documentation — policies, procedures, registers, and templates — the 74-document SIL compliance kit at ndiscompliant.com.au includes a CAP template, a CAP register, and the supporting quality policy framework designed for SIL and disability-support registration contexts.

Practical tips for maintaining your CAP register

Keep a live CAP register (spreadsheet or quality management software) with one row per finding and a RAG status (red/amber/green) visible to leadership.
Review open CAPs at every management meeting — do not let them sit dormant.
When a CAP is closed, retain the evidence for at least the duration of your current registration period.
Use closed CAPs as learning opportunities: brief frontline workers on what changed and why, without naming individuals involved in the original incident.
At each internal audit, check whether previously closed CAPs have held — recurrence of a closed finding is a serious signal of an ineffective quality system.

Important: This article provides general guidance about NDIS compliance requirements. It is not legal or professional advice. Requirements may change as the NDIS Commission updates its policies and Practice Standards. Always verify current requirements with the NDIS Quality and Safeguards Commission or a registered NDIS consultant before making compliance decisions.