When does an NDIS mid-term audit occur?

A mid-term audit typically occurs approximately halfway through a provider's three-year certification cycle — generally around 18 months after the initial certification audit or the most recent renewal. The exact timing is confirmed by your approved quality auditor and the NDIS Commission.

Do all registered NDIS providers have to have a mid-term audit?

Mid-term audits apply to providers registered under the certification pathway, which includes all SIL providers and those delivering higher-risk supports. Providers registered under the verification pathway have a different audit process. Check your registration certificate and the NDIS Commission's guidance to confirm which pathway applies to you.

What is the difference between a mid-term audit and a renewal audit?

A renewal (certification) audit is a comprehensive review of all applicable Practice Standards modules conducted at the end of the registration cycle. A mid-term audit is a targeted verification review confirming ongoing compliance and addressing any conditions from the previous audit. The mid-term scope is typically narrower but still requires current evidence across key modules.

What happens if a non-conformance is found at a mid-term audit?

Non-conformances must be remediated within the timeframe specified in the auditor's findings report. Evidence of corrective action is submitted to the auditor for sign-off. Major non-conformances can result in conditions being placed on your NDIS registration, or referral to the Commission for investigation. Unresolved major non-conformances risk suspension or cancellation of registration.

Can a SIL provider prepare for a mid-term audit without engaging an external consultant?

Yes. The NDIS Commission publishes self-assessment tools aligned to the Practice Standards, and providers can use these to conduct internal readiness reviews. The key is maintaining continuous, dated evidence rather than relying on a last-minute document preparation. Internal audits against the Practice Standards — at least quarterly — are best practice.

What are the most common reasons SIL providers fail mid-term audits?

The most common issues are: outdated or unreviewed policies; gaps in NDIS Worker Screening Check records; incomplete incident registers lacking evidence of corrective action; restrictive practices implemented without proper authorisation and a current behaviour support plan; and complaints handled verbally but not recorded in the formal register.

NDIS Mid-Term Audit: A Worked Example

What Is an NDIS Mid-Term Audit?

Registered NDIS providers operating under the certification pathway — which includes all SIL providers — are subject to two types of external audits across a three-year registration cycle: an initial or renewal certification audit, and a mid-term audit conducted partway through that cycle. The mid-term audit is not a full re-certification. It is a verification review designed to confirm that the provider continues to meet the NDIS Practice Standards and has addressed any conditions or non-conformances identified at the previous audit.

For SIL providers, the mid-term audit typically covers the core NDIS Practice Standards modules relevant to your registration groups, along with any strengthened requirements under the 2026 framework — including updated obligations around worker screening, behaviour support, and restrictive practices authorisation.

Understanding what auditors actually look for — and seeing a worked example of how evidence is organised — is the most practical preparation you can do.

How the Mid-Term Audit Works: The Process Step by Step

Notification and scheduling. Your approved quality auditor contacts you to schedule the audit. You will receive a scope document confirming which Practice Standards modules are in scope. Review this immediately and map it against your existing evidence.
Document submission. Prior to the on-site or remote review, auditors typically request a document pack. This includes your current policies, procedures, incident registers, worker screening records, complaints registers, and any evidence of corrective actions from your previous audit.
Desktop review. The auditor reviews submitted documents for completeness, currency (are they dated and reviewed within required periods?), and alignment with the Practice Standards.
Participant and worker interviews. Auditors speak with participants and staff to test whether written policies reflect lived practice. Discrepancies between what your policy says and what staff describe are a primary source of non-conformances.
Site inspection (if applicable). For SIL settings, this includes inspection of the physical environment, medication storage, restrictive practice registers, and communication boards or individual support plans on display or accessible to workers.
Findings report. The auditor issues a findings report identifying conformances, non-conformances, and areas for improvement. You are given an opportunity to respond before the final report is lodged with the NDIS Commission.
Corrective action. Non-conformances must be remediated within the timeframe specified in the report. Major non-conformances can trigger conditions on your registration or referral to the Commission for further action.

What Auditors Actually Check: Core Evidence Areas

For a SIL provider, the mid-term audit typically examines evidence across the following Practice Standards modules:

Practice Standards Module	Key Evidence Auditors Request
Rights and Responsibilities	Participant service agreements; signed rights documents; complaints process communicated in accessible format
Governance and Operational Management	Board/management governance documents; risk register; insurance certificates; quality management framework
Provision of Supports	Individual support plans; evidence of participant goal review; rostering records aligned to plans
Support Provision Environment	Maintenance records; medication management logs; emergency evacuation plans; infection control procedures
Incident Management	Incident register; reportable incident notifications to NDIS Commission; evidence of internal review and corrective action
Complaints Management	Complaints register; evidence complaints were acknowledged, investigated, and resolved; accessible complaints process
Worker Screening and Training	NDIS Worker Screening Checks for all workers; training records (Code of Conduct, mandatory reporting, restrictive practices)
Behaviour Support (if applicable)	Behaviour support plans; restrictive practices authorisation records; NDIS Commission reporting compliance

Worked Example: Incident Management Evidence Pack

The following is a realistic example of how a SIL provider might structure their incident management evidence file for the mid-term audit. This is illustrative — your organisation's records must reflect your actual incidents and responses.

EVIDENCE FILE: Incident Management — Mid-Term Audit Submission

Provider name: Sunrise Community SIL Services Pty Ltd

Audit period covered: [Month YYYY] to [Month YYYY]

Prepared by: Quality & Compliance Manager

Documents included:

1. Incident Management Policy (version 4.2, reviewed [date])

2. Incident Register — full period export (de-identified for submission)

3. Reportable Incident Notification log — listing date, type, NDIS Commission ref number, and outcome

4. Three closed-incident case summaries demonstrating: acknowledgement within required timeframe, internal investigation, corrective action implemented, and participant/family follow-up

5. Staff training records: Mandatory Reporting module, completion dates and names

6. Evidence of policy review triggered by a sentinel event in [month] — updated procedure, staff re-briefing sign-off sheet

Auditor note field (to be completed by auditor): [blank]

Notice what this pack demonstrates: the policy is current and dated, the register covers the full audit window, reportable incidents were notified to the Commission with reference numbers (proof of compliance), and there is visible evidence that incidents drove systemic improvement — not just administrative recording.

Common Non-Conformances Found at Mid-Term Audits

Based on the NDIS Commission's published guidance and the nature of the Practice Standards, the following are frequently cited areas of non-conformance in mid-term audits for SIL providers:

Outdated policies. Policies that have not been reviewed within the period stated in the document itself, or that do not reflect current Commission requirements (particularly post-2026 strengthened framework changes).
Gaps in worker screening records. Workers commencing before their NDIS Worker Screening Check clearance was received, or records that cannot confirm the clearance was current at the time of commencement.
Incident register incomplete. Incidents recorded without evidence of investigation, corrective action, or participant notification. Commission reportable incidents not notified within required timeframes.
Behaviour support non-compliance. Restrictive practices implemented without a current, Commission-approved behaviour support plan, or implemented by workers without documented authorisation and training.
Support plans not reviewed. Individual support plans that have not been reviewed within the period required by the participant's NDIS plan or the provider's own stated review cycle.
Complaints not documented end-to-end. Verbal complaints that were resolved but never entered into the formal register, meaning auditors cannot verify the complaints process was followed.
Training records incomplete. No evidence that all current workers have completed mandatory training (Code of Conduct induction, restrictive practices, incident reporting), particularly for workers who joined mid-cycle.

Preparing Between Audits: The Evergreen Evidence Principle

The most effective SIL providers treat compliance as a continuous operational discipline rather than a pre-audit scramble. Practical steps to maintain audit-ready status:

Set calendar reminders for policy review dates — do not wait for an auditor to find an expired review date.
Maintain a live incident register with a column for "corrective action completed" and "participant notified" — these two fields are what auditors most commonly find blank.
Run a quarterly internal mock audit using the NDIS Practice Standards self-assessment tool available from the Commission website.
Keep a single source of truth for worker screening clearances, with expiry date visibility — clearances are time-limited and must remain current throughout employment.
Document every complaint, including those resolved informally, with date received, nature, action taken, and outcome.

Providers preparing for mid-term audits under the 2026 strengthened framework may find it useful to have a complete, structured compliance document set already mapped to the current Practice Standards. The 74-document SIL compliance kit at ndiscompliant.com.au covers all core modules — policies, procedures, registers, and templates — pre-mapped to Commission requirements, which can significantly reduce preparation time.

What Happens After the Audit

If non-conformances are identified, your response must be systematic: acknowledge the finding, identify the root cause (not just the symptom), implement a corrective action, and provide evidence of implementation to the auditor within the specified timeframe. Minor non-conformances typically have a longer remediation window; major non-conformances may require urgent attention and carry registration implications if unresolved.

Keep the auditor's findings report on file and reference it when briefing your next registration renewal team — showing that you remediated previous findings demonstrates a genuine quality management culture, which auditors note positively.

Important: This article provides general guidance about NDIS compliance requirements. It is not legal or professional advice. Requirements may change as the NDIS Commission updates its policies and Practice Standards. Always verify current requirements with the NDIS Quality and Safeguards Commission or a registered NDIS consultant before making compliance decisions.