How long does a SIL certification audit take?

The duration depends on the size of your organisation, number of sites, and registration groups. A small SIL provider may have a one or two-day on-site assessment, while larger multi-site organisations may have audits spanning several days across multiple locations. Your approved quality auditor will confirm the scope and timeframe in the audit plan they provide before the assessment.

What is the difference between a certification audit and a verification audit for SIL providers?

Certification audits apply to higher-risk registration groups, including SIL. They involve a full on-site assessment by an approved quality auditor, including staff and participant interviews. Verification audits are a lighter-touch desktop review used for lower-risk registration groups. SIL providers cannot opt for verification — certification is mandatory.

Can a SIL provider use restrictive practices without a behaviour support plan?

No. Under the NDIS (Restrictive Practices and Behaviour Support) Rules, any regulated restrictive practice must be supported by a behaviour support plan prepared by a registered NDIS behaviour support practitioner and authorised under the relevant state or territory process. Using a restrictive practice without these in place is a serious breach and will result in a non-conformance finding during audit.

How far back will auditors look at incident records?

Auditors typically review records covering the current registration period, which is generally three years for certification. They will look for evidence of a functioning system over time, not just recent activity. Gaps in reporting — such as periods with no incidents recorded for a service that carries known risk — can raise questions about whether your system is genuinely capturing all events.

What happens if we receive a non-conformance finding during the audit?

A non-conformance does not automatically mean registration is refused or cancelled. You will be required to submit a corrective action plan addressing each finding within a specified timeframe. The approved quality auditor will assess whether your corrective actions are adequate. Serious or repeated non-conformances can prompt NDIS Commission compliance action, including conditions on registration.

Do SIL participants have to participate in the audit?

Participants cannot be compelled to participate. Auditors will offer participants the opportunity to speak with them privately, and their participation is entirely voluntary. However, auditors will assess whether participants were given genuine access to the process and whether your organisation's culture supports open and safe communication with participants.

NDIS SIL provider: audit preparation (2026)

Why 2026 is a pivotal year for SIL audit preparation

The NDIS Commission's strengthened regulatory framework — progressively rolled out since the Quality and Safeguarding Framework review — places higher scrutiny on Supported Independent Living (SIL) providers than any previous audit cycle. For providers due for registration renewal or initial registration in 2026, the approved quality auditor will assess not just whether policies exist, but whether they are lived in day-to-day operations. Documentary evidence, staff competency records, and participant outcome data all form part of that assessment.

SIL is classified as a higher-risk registration group because participants typically receive continuous support in their home environment. This means SIL providers are subject to certification audits rather than the lighter-touch verification pathway, and those audits are conducted by an NDIS Commission-approved quality auditor — not self-assessed.

Step 1: Map your registration group obligations

Before gathering evidence, confirm which Practice Standards modules apply to your registration. SIL providers must meet:

Core Module — rights, governance, feedback and complaints, incident management, human resources, supporting participants
Module 2: Implementing Supports — support planning, delivery and review
Module 3: Specialist Supports — if you provide behaviour support services alongside SIL
Supplementary Module: SIL-specific requirements — house rules, co-resident agreements, transitions

If your organisation also provides supports other than SIL, each registration group carries its own module requirements. Confirm the full scope with your approved quality auditor when you receive your audit notice.

Step 2: Conduct a gap analysis against the Practice Standards

Run an internal self-assessment at least six months before your audit. Work through each standard indicator and ask: can we demonstrate this with objective evidence? Common areas where SIL providers find gaps include:

Support plans that have not been reviewed within required timeframes or do not reflect the participant's current goals
Behaviour support plans that exist but have not been formally authorised under the relevant state or territory's restrictive practices framework
Incident registers that are incomplete, not classified to the correct category, or where reportable incidents were not notified to the NDIS Commission within the required timeframe
Worker screening records that are out of date or held in inconsistent formats across sites
Complaints registers where outcomes have not been documented or participants were not informed of the resolution

Step 3: Build your evidence library

Auditors assess conformance against each standard indicator using objective evidence. Organise your documentation into clearly labelled folders — physical or digital — that align directly with the standard modules. For each indicator, collect at minimum:

Policy or procedure — current version, approved by governance, reviewed within your stated review cycle
Implementation records — case notes, support plan reviews, meeting minutes, staff rosters
Participant voice — survey results, feedback forms, complaints and compliments log, evidence that participants were informed of their rights
Staff training records — induction checklists, mandatory training completion dates, qualifications where required
Governance records — board or management committee minutes showing oversight of quality and safety indicators

Step 4: Verify incident and restrictive practice compliance

Two areas attract the highest rate of non-conformance findings in SIL audits: incident management and restrictive practices.

Incident management

Your system must capture all incidents, not just those meeting the NDIS Commission's reportable incident threshold. Internally, every incident — including near-misses — should be recorded, investigated, and have a documented outcome. For reportable incidents (as defined under the NDIS (Incident Management and Reportable Incidents) Rules), providers must notify the NDIS Commission within the prescribed timeframes. Auditors will cross-reference your incident register against Commission notification records.

Restrictive practices

SIL providers who use any regulated restrictive practice must hold a behaviour support plan prepared by a registered NDIS behaviour support practitioner. Each practice must be authorised under the applicable state or territory process before it is used — not after. Auditors will look for the authorisation document, evidence that the practice is reviewed regularly, and records showing that the least restrictive option has been considered. Unauthorised use of restrictive practices is treated as a serious compliance matter by the Commission.

Step 5: Prepare your team for auditor interviews

A certification audit is not a paper exercise. The approved quality auditor will conduct interviews with a sample of staff, participants, and where appropriate, family members or nominees. Prepare your team by:

Briefing all staff on the audit purpose without scripting their answers — auditors are trained to detect coached responses
Confirming that direct support workers can explain your complaints process and how they would report an incident
Ensuring participants know they may speak privately with the auditor and that this is their right
Reviewing your supported decision-making processes so staff can articulate how they uphold participant choice and control

What auditors look for: the common non-conformances

Area	Common finding	What to do
Support planning	Plans are generic or not co-produced with the participant	Document the participant's active contribution; include their words where possible
Complaints	No evidence outcomes were communicated back to the complainant	Add a closing step to your complaints procedure requiring written or verbal outcome notification
Worker screening	Expired clearances or staff working pending a check outcome	Build a clearance expiry calendar with 60-day renewal reminders
Governance	No evidence the board reviews quality and safety data	Add a standing agenda item for incident and complaint summary reports
Restrictive practices	Practices used without current written authorisation	Audit all active behaviour support plans and match each practice to an authorisation document

Step 6: Run a mock audit

In the two months before your scheduled audit, conduct an internal mock audit. Assign an internal lead — ideally someone not directly responsible for the compliance area being assessed — to work through each standard indicator as an auditor would. Document the findings and assign corrective actions with owners and due dates. A mock audit gives you time to close gaps before the real assessment and demonstrates a culture of continuous improvement, which auditors view positively.

Compliance kit and ongoing readiness

Maintaining audit readiness between certification cycles requires systems, not just preparation sprints. Your policies must be reviewed on schedule, training records kept current, and incident and complaints data analysed for trends. If you are building your documentation suite from scratch or need to ensure it aligns with the 2026 strengthened standards, ndiscompliant.com.au offers a 74-document audit-ready SIL compliance kit covering all core and supplementary modules — a practical starting point for providers who want structured, Commission-aligned templates rather than blank pages.

Key dates and next steps

The NDIS Commission publishes audit scheduling information through the provider portal. Log in to myplace for providers to check your registration expiry date and confirm when your audit window opens. Build your preparation timeline backwards from that date, targeting a completed gap analysis six months out, evidence compilation four months out, and mock audit two months out.

Regulation in this sector is not static — monitor the NDIS Commission website for updates to the Practice Standards, registration guidelines, and any sector-specific guidance that applies to SIL. Subscribing to Commission news alerts ensures you are not caught off guard by mid-cycle changes.

Important: This article provides general guidance about NDIS compliance requirements. It is not legal or professional advice. Requirements may change as the NDIS Commission updates its policies and Practice Standards. Always verify current requirements with the NDIS Quality and Safeguards Commission or a registered NDIS consultant before making compliance decisions.