Do all NDIS providers need to complete both Stage 1 and Stage 2 audits?

No. Only providers registered for higher-risk registration groups — including SIL, specialist disability accommodation, and behaviour support — are required to undergo a full two-stage certification audit. Providers delivering lower-risk supports typically complete a verification audit, which is a document-based review without a formal on-site Stage 2 component.

How long does an NDIS two-stage audit typically take from start to finish?

The total timeframe depends on the size and complexity of your organisation and how quickly any non-conformances from Stage 1 are resolved before Stage 2 proceeds. Providers should engage their approved quality auditor well in advance of their registration renewal date to allow sufficient time for both stages and any remediation periods.

Can Stage 1 and Stage 2 be conducted by different auditors?

Both stages must be conducted by an NDIS Commission-approved quality auditor. In most cases, the same approved quality auditor organisation conducts both stages to ensure continuity, but the NDIS Commission's requirements focus on the organisation's approval status rather than mandating the same individual auditor for both stages.

What happens if we receive a major non-conformance at Stage 2?

A major non-conformance means a significant gap has been identified between your documented systems and your actual practice. Your auditor will specify what evidence is needed to resolve it and within what timeframe. Unresolved major non-conformances can result in conditions being placed on your registration or affect your registration renewal outcome.

Are participant interviews during Stage 2 compulsory?

Approved quality auditors are required to seek participant input as part of the Stage 2 process, as participant experience is central to the Practice Standards assessment. Providers should facilitate access to participants and, where relevant, their supporters or nominees, while ensuring participation is genuinely voluntary and not coerced.

How have the 2026 strengthened Practice Standards changed what auditors look for?

The strengthened framework places greater emphasis on supported decision-making, genuine participant voice in support planning, continuous improvement evidence, and documented workforce competency for high-intensity supports. Auditors are assessing whether these values are embedded in practice — not just reflected in policy documents.

NDIS Stage 1 vs Stage 2 Audit (2026): What SIL Providers Must Know

Understanding the Two-Stage NDIS Audit Process

If your organisation provides Supported Independent Living (SIL) or other high-intensity supports, you are subject to a two-stage audit conducted by an NDIS Commission-approved quality auditor. Understanding the difference between Stage 1 and Stage 2 — and what auditors examine at each point — is essential for a successful registration or renewal outcome under the strengthened 2026 NDIS Practice Standards framework.

What Is a Stage 1 Audit?

Stage 1 is a documentation and systems review. It is typically conducted remotely, though auditors may attend your premises if required. The auditor's primary objective is to assess whether your organisation has the policies, procedures, and governance frameworks in place to demonstrate readiness against the applicable NDIS Practice Standards.

What auditors examine in Stage 1

Organisational policies covering incident management, complaints handling, restrictive practices, and participant rights
Human resources documentation: recruitment procedures, position descriptions, worker screening evidence, and induction records
Governance structure: board or management arrangements, organisational chart, and accountability mechanisms
Risk management frameworks and business continuity plans
Consent and privacy procedures, including how participant information is stored and shared
Evidence of how the organisation plans to implement the Practice Standards in practice (not just on paper)
For SIL providers: high-intensity support protocols covering areas such as medication management, complex bowel care, dysphagia management, and positive behaviour support

Common Stage 1 non-conformances

Auditors regularly identify the following gaps during Stage 1 reviews:

Policies that reference outdated versions of the Practice Standards and have not been updated to reflect the strengthened 2026 framework
Generic templates adopted without contextualisation to the provider's actual service model
Incident management procedures that do not distinguish between reportable incidents requiring NDIS Commission notification and internal incidents
Missing or incomplete restrictive practice authorisation procedures, particularly for providers operating across multiple states with differing authorisation bodies
Workforce documentation that does not demonstrate ongoing worker screening compliance, including NDIS Worker Screening Check renewal processes

What Is a Stage 2 Audit?

Stage 2 is the on-site verification stage. Auditors visit your service locations — including participant homes for SIL providers — to confirm that what your documents say is actually happening in practice. This is where many organisations find the gap between their policy intent and their operational reality becomes visible.

What auditors examine in Stage 2

Interviews with workers, including frontline support workers, team leaders, and management
Interviews with participants and, where appropriate, their nominees, families, or advocates
Direct observation of support environments: physical safety of premises, accessibility, and whether participant living spaces reflect individual choice and control
Review of individual participant files: support plans, risk assessments, behaviour support plans, and evidence of goal review
Medication administration records and evidence of competency for workers delivering health-related supports
Incident and complaint registers: are incidents being correctly identified, recorded, and escalated? Is there a feedback loop demonstrating continuous improvement?
Restrictive practice registers and evidence that any regulated restrictive practices are authorised, monitored, and subject to behaviour support planning

Common Stage 2 non-conformances

Workers who cannot articulate key policy requirements — such as how to identify and report a reportable incident — despite policies being well-documented
Support plans that have not been reviewed within required timeframes or do not reflect participants' current goals and circumstances
Restrictive practices being used without current authorisation documentation available on site
Participants unable to identify their key contact or how to raise a complaint, indicating that rights information is not being communicated effectively
Workforce training records that are incomplete or show workers delivering high-intensity supports without documented competency evidence

Key Differences at a Glance

Feature	Stage 1	Stage 2
Format	Desktop/document review	On-site visit
Primary focus	Policies, systems, governance	Practice, people, evidence
Who is involved	Management, documentation holders	Workers, participants, management
Participant interaction	Minimal or none	Interviews and observation
Timing	Completed before Stage 2	Follows successful Stage 1
Output	Conformance/non-conformance findings on documentation	Full audit report with certification recommendation

Who Needs a Two-Stage Audit?

Not all NDIS providers undergo both stages. The audit pathway depends on your registration group and risk profile:

Certification audit (Stage 1 + Stage 2): Required for providers delivering higher-risk supports, including SIL, specialist disability accommodation, early childhood supports, and behaviour support. This is the pathway that applies to most SIL providers.
Verification audit: A lighter-touch, document-based audit for lower-risk registration groups. Does not typically include an on-site Stage 2 component.

If you are unsure which pathway applies to you, your approved quality auditor or the NDIS Commission can clarify based on your registration groups.

What Has Changed Under the Strengthened 2026 Framework?

The strengthened NDIS Practice Standards introduced increased expectations in several areas that auditors are now assessing more rigorously:

Participant voice: Auditors place greater emphasis on evidence that participants are genuinely involved in decisions about their supports, not just that consent forms are signed
Supported decision-making: Providers must demonstrate how they support participants to make their own decisions, including for those with complex communication needs
Workforce capability: Competency-based evidence for workers delivering health-related and high-intensity supports is scrutinised more thoroughly
Continuous improvement: Providers must demonstrate a genuine feedback loop — that complaints, incidents, and audit findings actually result in operational change
Behaviour support: The alignment between behaviour support plans, restrictive practice registers, and authorisation documentation is a focus area for SIL providers

Practical Preparation Steps for SIL Providers

Audit your own policies first. Before your auditor does, conduct an internal review of every policy against the current Practice Standards. Flag anything referencing superseded versions.
Walk through your document set from the auditor's perspective. Can you produce worker screening evidence, training records, and participant file documentation quickly and completely?
Brief your workers. Workers should be able to speak confidently about how they handle incidents, support participant choice, and raise concerns. Policy knowledge should not live only in management's heads.
Check your restrictive practice register. Every regulated restrictive practice must have current authorisation. Expired or missing authorisations are a significant non-conformance risk.
Review participant files for currency. Support plans, risk assessments, and behaviour support plans should reflect each participant's current circumstances and recent review dates.
Test your incident pathway. Run a simulated scenario with your team: if an incident occurred tonight, could your workers correctly identify it, document it, and escalate it to the right person?
Prepare your continuous improvement evidence. Collate examples of how recent incidents, complaints, or previous audit findings led to concrete policy or practice changes.

Providers managing the full documentation burden of a certification audit — particularly those preparing for their first SIL registration or a registration renewal — may find it helpful that ndiscompliant.com.au offers a 74-document audit-ready SIL compliance kit, designed to align with the current Practice Standards and save significant preparation time.

After the Audit: Responding to Non-Conformances

If your audit report identifies non-conformances, you will typically be given a defined timeframe in which to address them and provide evidence of remediation to your auditor. Minor non-conformances may be resolved through updated documentation or additional training records. Major non-conformances may require more substantive systemic changes and can affect your registration outcome if not addressed within the required period.

Treat non-conformances as a quality improvement opportunity rather than a penalty. The NDIS Commission's goal is a workforce and provider market capable of delivering safe, high-quality supports. Providers who approach the audit process as a genuine self-assessment — rather than a compliance performance — consistently achieve better outcomes.

Important: This article provides general guidance about NDIS compliance requirements. It is not legal or professional advice. Requirements may change as the NDIS Commission updates its policies and Practice Standards. Always verify current requirements with the NDIS Quality and Safeguards Commission or a registered NDIS consultant before making compliance decisions.