Which NDIS providers must comply with the Provision of Supports Practice Standard?

All NDIS registered providers delivering direct supports to participants must comply. The obligations are most intensive for providers registered for high-risk support categories such as Supported Independent Living, specialist disability accommodation, and high-intensity daily activities, which are subject to full certification audits.

What is the difference between a certification audit and a verification audit under the NDIS Practice Standards?

A certification audit is a comprehensive on-site assessment by an approved quality auditor covering all applicable Practice Standards modules and Quality Indicators. It is required for higher-risk support categories including SIL. A verification audit is a less intensive desktop assessment used for lower-risk support types.

What are reportable incidents under the NDIS and when must they be notified?

Reportable incidents include the death of a participant, serious injury, abuse or neglect, sexual misconduct, and the unauthorised use of a restrictive practice. Registered providers must notify the NDIS Commission of reportable incidents within prescribed timeframes set out in the NDIS (Incidents) Rules. Failure to notify is itself a compliance breach.

Can a SIL provider use a restrictive practice without a behaviour support plan?

No. The NDIS Practice Standards and the NDIS (Restrictive Practices and Behaviour Support) Rules require that any restrictive practice used on an NDIS participant must be covered by a current behaviour support plan prepared by a registered NDIS behaviour support practitioner and authorised under the relevant state or territory law.

What happens if my organisation receives a non-conformance finding during a certification audit?

You must prepare and submit a corrective action plan that addresses the identified gaps. The approved quality auditor must be satisfied that the corrective actions are completed before the audit can close. Serious or repeated non-conformances can lead to registration conditions, suspension, or revocation by the NDIS Commission.

How do the 2026 registration reforms change what SIL providers need to prepare?

The strengthened registration framework introduced stricter fit-and-proper person assessments for key personnel, risk-tiered audit pathways, and a greater focus on governance evidence. SIL providers must now demonstrate that board members and senior executives meet fitness and propriety requirements, and that leadership actively oversees quality and safety data.

NDIS Practice Standard: Provision of Supports explained (2026)

Who needs to understand this Practice Standard?

Every NDIS registered provider delivering direct supports to participants must comply with the NDIS Practice Standards, but the obligations are most acute for providers of high-intensity or accommodation supports — particularly those registered under Supported Independent Living (SIL), specialist disability accommodation, or community participation.

If your organisation employs support workers, coordinates care plans, or is responsible for any aspect of a participant's daily living, this standard applies to you directly. It also applies to organisations seeking registration for the first time under the strengthened 2026 registration framework, which introduced new pathways and raised the bar for initial assessment.

What the Provision of Supports Standard actually requires

The NDIS Practice Standards are structured around core modules and supplementary modules. The Provision of Supports requirement sits within the Core module and operates alongside the Supporting Participant Wellbeing, Support Provision Environment, and other standards. The intent is that providers deliver supports in ways that are:

Consistent with each participant's NDIS plan, goals, and personal preferences
Culturally safe, trauma-informed, and respectful of the participant's background and identity
Delivered by workers with the skills, knowledge, and supervision appropriate to the complexity of the support
Subject to regular review and adjusted as the participant's needs change
Free from abuse, neglect, exploitation, and inappropriate use of restrictive practices

The Quality Indicators linked to this standard are the benchmark against which an approved quality auditor will assess your organisation. They are not aspirational — they are the minimum floor.

The five core obligations explained

1. Individualised support delivery

Supports must be tailored to what the participant actually wants to achieve, not designed around what is convenient for the provider. This means service agreements and support plans must reflect the participant's own goals, risks, and communication preferences — and must be written in a way the participant can understand and engage with. For SIL providers, this typically means maintaining a current, participant-specific behaviour support plan (where applicable) and a detailed daily routine that the participant has had genuine input into shaping.

2. Dignity of risk and informed decision-making

Participants retain the right to make decisions about their own lives, including decisions that carry some degree of risk. Providers must not remove choice in the name of safety without justification grounded in the participant's best interests and (where relevant) supported by a behaviour support practitioner or other specialist. Documented evidence that the participant was informed and that risk was genuinely weighed — rather than paternalistically eliminated — is essential for audit purposes.

3. Worker competency and supervision

Registered providers must ensure that every worker delivering supports has the skills and experience the role requires. The NDIS Code of Conduct requires workers to act with integrity, use supports only in ways consistent with their training, and report concerns through appropriate channels. For high-intensity daily activities — which many SIL providers deliver — the NDIS Commission publishes specific High Intensity Support Skills Descriptors that set out what training workers must hold before performing tasks such as complex bowel care, enteral feeding, or tracheostomy management.

Providers must maintain records of worker qualifications, induction training, and ongoing supervision. Gaps in these records are among the most common non-conformances identified during certification audits.

4. Incident management and reportable incidents

Effective incident management is not optional — it is a Practice Standard requirement and a separate legislative obligation under the National Disability Insurance Scheme Act 2013. Registered providers must have a documented incident management system, investigate incidents in a timely way, and report reportable incidents (including deaths, serious injuries, abuse, neglect, and unauthorised use of restrictive practices) to the NDIS Commission within the required timeframes.

For SIL providers, where participants may be particularly vulnerable, the Commission scrutinises incident data closely. A pattern of unreported or under-investigated incidents can trigger a compliance investigation independent of the audit cycle.

5. Restrictive practices

The use of any restrictive practice — physical, chemical, mechanical, environmental, or seclusion — must be authorised under the relevant state or territory law, documented in a behaviour support plan prepared by a registered behaviour support practitioner, and reported to the NDIS Commission. The Provision of Supports standard requires that providers take active steps to reduce and eliminate restrictive practices over time. This is not a static obligation; providers are expected to demonstrate a trajectory of reduction in their evidence.

How the 2026 registration changes affect this standard

The Australian Government's Strengthening the NDIS Registration Framework reforms, phased in from 2025 into 2026, introduced risk-tiered registration pathways. Providers of higher-risk supports — including SIL — remain subject to certification audits by an approved quality auditor, not just a verification audit. This means a full on-site assessment of your policies, procedures, worker files, participant records, and governance arrangements against every applicable Quality Indicator.

The reforms also introduced stronger fit-and-proper person requirements for key personnel (including board members and senior executives), meaning that the governance layer of your organisation now falls squarely inside the Commission's assessment scope. Providers who previously relied on thin policy documents will find this significantly more demanding.

What auditors actually check — and common gaps

Area assessed	Common non-conformance
Service agreements	Generic templates not individualised to the participant's goals or communication needs
Support plans	Plans not reviewed within required intervals or not reflecting participant input
Worker files	Missing evidence of high-intensity skills training or expired NDIS Worker Screening checks
Incident management	Incidents logged but not investigated; reportable incidents not notified to the Commission
Restrictive practices	Practices used without a current behaviour support plan or state/territory authorisation
Governance	No evidence that the board or senior management reviews quality and safety data regularly

Consequences of non-compliance

The NDIS Commission has a range of enforcement powers under the NDIS Act. Depending on the severity and pattern of non-compliance, the Commission may:

Issue a compliance notice requiring the provider to address specified failures within a set timeframe
Impose conditions on the provider's registration — for example, requiring independent monitoring or restricting the types of supports the provider can deliver
Suspend registration, preventing the provider from receiving NDIS funding during the suspension period
Revoke registration entirely
Apply to the Federal Court for civil penalties in serious cases, including those involving harm to participants

Beyond formal enforcement, a non-conformance finding in a certification audit requires a corrective action plan that must satisfy the auditor before the audit closes. Repeated or serious non-conformances can also trigger an unannounced audit at any time.

Practical steps to demonstrate compliance

Map your current documentation against each Quality Indicator in the Provision of Supports module. Identify gaps before an auditor does.
Review all service agreements and support plans for currency and genuine participant input — check dates, signatures, and goal alignment.
Audit worker records for NDIS Worker Screening clearances, mandatory training completions, and supervision logs.
Test your incident management system by running a sample of closed incidents through your reportable incident criteria — verify that everything that should have been notified was notified.
Map all restrictive practices currently in use: confirm each has a current behaviour support plan, practitioner review date, and state/territory authorisation.
Schedule a governance review where your board or leadership team formally considers quality and safety data and records the outcome in meeting minutes.

For SIL providers looking for a structured starting point, the 74-document audit-ready SIL compliance kit available at ndiscompliant.com.au covers each of the above steps with ready-to-use policy templates, procedure documents, and evidence frameworks mapped to the NDIS Practice Standards Quality Indicators.

Important: This article provides general guidance about NDIS compliance requirements. It is not legal or professional advice. Requirements may change as the NDIS Commission updates its policies and Practice Standards. Always verify current requirements with the NDIS Quality and Safeguards Commission or a registered NDIS consultant before making compliance decisions.