What must be included in an NDIS QMS for a SIL provider?

A SIL provider's QMS must cover all four core NDIS Practice Standards modules (rights and responsibilities, governance and operational management, provision of supports, and support provision environment) plus the supplementary SIL module. It should include policies, procedures, registers (non-conformance, risk, complaints), staff training records, an internal audit schedule and evidence of participant involvement in quality processes.

How often do NDIS QMS documents need to be reviewed?

At minimum, NDIS Practice Standards require policies to be reviewed regularly — most providers use an annual cycle as the baseline. A triggered review is also required after a critical incident, a significant audit non-conformance, changes to legislation or NDIS Commission rules, or a material change to the services you deliver.

What does an approved quality auditor look for in a QMS?

Auditors look for evidence that your QMS is embedded in operations, not just documented. They will check that policies are current, staff can locate and explain them, participant feedback has driven measurable improvements, incidents have been investigated and corrected, and that governance leadership has oversight of quality data. Policy documents alone without supporting evidence are a common source of non-conformances.

Does a small SIL provider need a formal QMS?

Yes. All registered NDIS providers delivering higher-risk supports — including SIL — are required to undergo certification audit against the NDIS Practice Standards. Certification requires a verifiable QMS regardless of organisation size. A small provider may have a simpler structure, but the core elements (governance, incident management, complaints, continuous improvement) must all be present and evidenced.

What are the consequences of a QMS non-conformance at audit?

If an approved quality auditor identifies non-conformances, they are classified as either major or minor. Major non-conformances may prevent the NDIS Commission from granting or renewing registration until they are resolved. Minor non-conformances must be corrected within a specified timeframe and verified in a follow-up process. Persistent or unresolved non-conformances can trigger compliance investigations by the NDIS Commission.

How does the 2026 strengthened framework change QMS requirements?

The strengthened NDIS registration framework increases requirements around governance transparency, suitability of key personnel and the depth of evidence required to demonstrate participant outcomes. Providers renewing registration from 2026 should ensure their QMS includes a clear governance map, role-level accountabilities, internal audit records and documented evidence that participants with complex needs can meaningfully participate in quality processes.

NDIS quality management system example (filled-in sample)

What is an NDIS quality management system?

A quality management system (QMS) is the backbone of registered NDIS provider compliance. It is not a single document — it is an interconnected set of policies, procedures, registers, schedules and review cycles that together demonstrate your organisation meets the NDIS Practice Standards and the requirements set by the NDIS Quality and Safeguards Commission.

For SIL (Supported Independent Living) and other higher-risk supports, a QMS must cover all four core modules of the Practice Standards as well as the supplementary module for SIL. Under the strengthened 2026 registration framework, auditors assess whether your QMS is embedded in day-to-day operations — not simply a folder of policies that staff have never read.

What a QMS must cover (Practice Standards alignment)

The NDIS Commission's Practice Standards are grouped into core and supplementary modules. Your QMS must address each applicable element. For a SIL provider, this means at minimum:

Rights and responsibilities — person-centred practice, dignity of risk, privacy
Governance and operational management — leadership accountability, incident management, complaints, human resources, risk management
The provision of supports — support planning, transitions, service agreements
Support provision environment — safe environments, emergency and evacuation plans
SIL supplementary module — accommodation onboarding, individual living arrangements, overnight support ratios, participant-led reviews

Filled-in QMS sample: Continuous Improvement Policy

The following is a realistic example of how a registered SIL provider might complete one core QMS document — the Continuous Improvement Policy. Adapt this to your own organisation's name, structure and evidence.

Field	Filled-in example
Policy title	Continuous Improvement and Quality Management Policy
Policy owner	Chief Executive Officer
Applicable service types	SIL — all accommodation sites; Community Participation (where registered)
Review cycle	Annual minimum; triggered review upon any critical incident, audit non-conformance or legislative change
Version	3.1 — updated to reflect 2026 strengthened Practice Standards
Purpose	To ensure Sunrise Supported Living Pty Ltd systematically identifies, analyses and acts on opportunities to improve the quality and safety of supports delivered to NDIS participants.
Scope	All staff, volunteers, contractors and subcontracted support workers delivering NDIS-funded supports across all sites.
Legislative and regulatory basis	NDIS Act 2013 (Cth); NDIS (Provider Registration and Practice Standards) Rules 2018; NDIS Code of Conduct; NDIS Practice Standards (Core Modules 1–4, SIL Supplementary Module)
Key roles and responsibilities	CEO: final accountability for QMS integrity. Quality Manager: coordinates audit schedule, non-conformance register, staff training records. Site Supervisors: capture feedback, complete monthly quality checks, escalate incidents within 24 hours. All staff: report near-misses and participant feedback.
Continuous improvement cycle	Plan — Do — Check — Act (PDCA). Evidence gathered from: participant feedback surveys (quarterly), staff debrief notes, incident and complaints data (monthly trend review), internal audits (bi-annual), external audit findings.
Non-conformance management	All non-conformances recorded in the Non-Conformance Register within 48 hours of identification. Root-cause analysis completed within 10 business days. Corrective action assigned owner and target date. Closed non-conformances reviewed at the next Board quality report.
Participant involvement	Participants are invited to contribute to quarterly quality reviews. Feedback is documented, de-identified, and tabled at the Quality and Safety Committee. Outcomes and any changes are communicated back to participants in accessible formats.
Document control	All QMS documents stored in the organisation's SharePoint quality register. Superseded versions archived with retention period aligned to NDIS Commission record-keeping guidance. Staff notified of updates via all-staff email and induction refresher.
Related documents	Incident Management Policy; Complaints and Feedback Policy; Risk Management Framework; Restrictive Practices Policy; Human Resources Policy; Emergency Management Plan

The QMS documents auditors will ask for

When an approved quality auditor (AQA) conducts your certification or verification audit against the NDIS Practice Standards, they will seek evidence across your whole QMS — not just the policy documents. Common evidence requested includes:

Non-conformance and corrective action register — showing all incidents and near-misses have been reviewed and acted upon
Internal audit schedule and completed audit reports — demonstrating proactive monitoring, not just reactive fixes
Participant feedback data and how it drove change — auditors look for the "loop closed" evidence
Staff training records — including NDIS Code of Conduct induction, mandatory reporter training, and restrictive-practices authorisation where applicable
Board or governance committee meeting minutes — showing quality is on the leadership agenda
Complaints register and outcome letters — verifying the complaints pathway is operational and that complainants received responses
Risk register — updated, with risk owners and treatment status visible

Five common QMS gaps that cause audit non-conformances

Policies exist but staff cannot locate or explain them. Fix: build a policy acknowledgement sign-off into your induction and annual training cycle.
Review dates are overdue. Fix: assign a Quality Manager calendar trigger at least 60 days before each policy's review date.
Feedback is collected but not actioned. Fix: document the outcome of each feedback item and close the loop with the participant.
Incident management records are incomplete. Fix: use a structured incident reporting template that captures date, time, people involved, immediate response, reportable-incident determination and corrective action.
The QMS has no SIL-specific supplementary documents. Fix: the SIL module requires additional policies covering individual living arrangements, support ratios and participant-directed decision-making — these cannot be borrowed from a generic disability support QMS.

Structuring your QMS for the 2026 strengthened framework

The NDIS Commission's strengthened registration requirements — being progressively implemented from 2026 — increase the scrutiny applied to governance, suitability of key personnel and the evidencing of participant outcomes. To be audit-ready under this framework, your QMS should:

Include a documented governance structure that names key personnel and their responsibilities by role, not just by name
Map each policy to the specific NDIS Practice Standard element it satisfies, so auditors can trace compliance clearly
Contain a rolling internal audit schedule that demonstrates at least one full internal audit cycle is completed between external audits
Evidence that participants with complex communication needs can access and contribute to quality processes in formats that work for them

For providers building or overhauling their QMS ahead of renewal, the ndiscompliant.com.au 74-document audit-ready SIL compliance kit includes pre-filled policy templates, registers, audit checklists and staff induction resources aligned to the current Practice Standards — a practical shortcut for organisations that need a complete, structured foundation quickly.

Keeping your QMS live between audits

A QMS that is only opened when an audit notice arrives will not reflect genuine continuous improvement — and auditors will notice. The hallmarks of a QMS that works in practice are: regular team meetings that table quality data, a non-conformance register that is never empty (because no organisation is perfect), participant voices that demonstrably shape service design, and leadership that can articulate why each policy exists.

Building quality management into your operational rhythms — monthly team reviews, quarterly participant surveys, bi-annual internal audits — means your QMS is simply the documented record of what you already do, rather than a compliance burden.

Important: This article provides general guidance about NDIS compliance requirements. It is not legal or professional advice. Requirements may change as the NDIS Commission updates its policies and Practice Standards. Always verify current requirements with the NDIS Quality and Safeguards Commission or a registered NDIS consultant before making compliance decisions.