Who counts as a risk-assessed role under the NDIS Worker Screening Rules?

A risk-assessed role is defined in the NDIS Worker Screening Rules and broadly includes anyone who delivers direct supports or services to NDIS participants, or who is a key personnel member of a registered NDIS provider. This covers direct support workers, allied health practitioners, volunteers with more than incidental participant contact, and contractors delivering direct supports. Providers must apply the legislative definition to every role — not rely on job title alone.

Can a worker start in a risk-assessed role while their NDIS Worker Screening application is still pending?

For registered NDIS providers delivering certain higher-risk supports — including SIL — workers generally cannot commence in a risk-assessed role on a pending application. The clearance must be verified before engagement begins. Auditors routinely check for this gap and will raise a non-conformance if workers are found to have commenced prior to clearance confirmation.

How often should a worker screening policy be reviewed?

Best practice and the governance expectations embedded in the NDIS Practice Standards point to at least annual review, plus an immediate review following any change to the NDIS Worker Screening Rules or Practice Standards. The review must be documented — auditors will ask for evidence such as board minutes or a sign-off record showing the review took place.

What happens if the NDIS Worker Screening Unit issues an exclusion notice for one of our workers?

The registered provider is legally prohibited from engaging that person in any risk-assessed role. Your policy must set out an immediate response: standing the worker down, notifying the relevant manager and CEO, arranging continuity of support for affected participants, and retaining records of all steps taken. Auditors will look for a defined, time-bound process — not a general statement of intent.

Do we need to verify screening clearances for agency or labour-hire workers?

Yes. As the registered NDIS provider, you bear responsibility for ensuring that everyone in a risk-assessed role within your service holds a valid clearance — regardless of whether they are directly employed or engaged through an agency. Your policy should specify who verifies the clearance (you or the agency) and how verification evidence is retained and accessible during an audit.

What records do auditors typically request when reviewing worker screening compliance?

Auditors commonly request the worker screening register (showing clearance numbers, verification dates, and responsible officer), a sample of individual personnel files for cross-referencing, the current version of the worker screening policy with its review history, and evidence of governance oversight such as board or management sign-off. Inconsistencies between the register and individual files are among the most common findings.

NDIS Worker Screening Policy: What Auditors Look For in 2026

Why Your Worker Screening Policy Is an Audit Priority

Worker screening sits at the intersection of participant safety and provider registration obligations. Under the NDIS (Practice Standards — Worker Screening) Rules and the NDIS Act 2013, registered providers delivering higher-risk supports — including Supported Independent Living — must ensure that every person in a risk-assessed role holds a valid NDIS Worker Screening clearance before they engage with participants. Because the consequences of a gap are serious (potential harm to participants, immediate registration risk), approved quality auditors treat this policy as a cornerstone document rather than a back-of-folder formality.

With the strengthened NDIS Practice Standards taking effect from 2026, auditors are applying heightened scrutiny to governance documents. A policy that was adequate in previous audit cycles may now fall short. This article maps exactly what auditors look for, the most common non-conformances found in SIL settings, and what your policy must contain to demonstrate compliance.

The Audit Lens: What Approved Quality Auditors Actually Check

Auditors reviewing your worker screening policy work through a structured evidence framework. They are not simply confirming the policy exists — they are establishing whether it is implemented, understood, and effective. The following is what the evidence trail must show.

1. Scope and Role Identification

Auditors first examine whether your policy correctly identifies which roles are risk-assessed roles under the NDIS Worker Screening Rules. In a SIL context this commonly includes:

Support workers who deliver direct personal supports to participants
Allied health practitioners engaged under the registration group
Key personnel (as defined in the NDIS Act)
Volunteers who have, or are likely to have, more than incidental contact with participants
Sole traders or contractors providing direct supports

A policy that vaguely refers to "all staff" without linking to the legislative definition of risk-assessed roles will frequently attract a finding, because auditors cannot verify you have applied the test correctly to every worker category.

2. Pre-Engagement Clearance Verification

Your policy must establish an unambiguous rule: no person commences work in a risk-assessed role until a valid clearance has been verified. Auditors cross-reference this against your actual worker records. They will request evidence — typically a register or file extract — showing the clearance number, the date verified, and the staff member responsible for verification for every worker currently in a risk-assessed role.

Common non-conformance: policies that allow workers to commence on the basis of a "pending" application. The NDIS Worker Screening Rules do not permit this for risk-assessed roles in registered NDIS organisations delivering certain supports.

3. Ongoing Monitoring and Clearance Currency

A clearance is not a once-and-done document. It can be suspended, cancelled, or converted to an exclusion at any time if new information comes to light. Auditors look for evidence that your policy requires:

Periodic re-verification of clearance status (not just at point of hire)
A process by which changes notified by the NDIS Worker Screening Unit trigger an immediate management response
A designated responsibility holder (a named role, not just "management") for monitoring currency

4. Response to Exclusion Orders

If the Worker Screening Unit issues an exclusion, the provider is prohibited from engaging that person in a risk-assessed role. Your policy must set out the response steps — including immediate suspension from the role pending confirmation, notification obligations, and how participant continuity of support is managed. Auditors look for a clear escalation pathway, not a generic statement that "appropriate action will be taken."

5. Record-Keeping Requirements

The NDIS Practice Standards require providers to maintain records sufficient to demonstrate compliance. For worker screening, auditors typically expect:

A centralised worker screening register (paper or electronic) showing clearance numbers and verification dates for all risk-assessed roles
Evidence the register is actively maintained (date of last update, responsible officer)
File-level evidence for a sample of individual workers

Auditors will pull a sample — often five to ten worker files — and reconcile what the register says against what the individual files contain. Discrepancies between the two are among the most common audit findings in SIL audits.

6. Contractor and Volunteer Coverage

Many providers under-scope their policy by focusing only on directly employed staff. Auditors check that the policy explicitly addresses contractors, labour-hire workers, and volunteers. If your SIL house uses agency support workers, the policy should specify who verifies clearance — you as the registered provider, or the labour-hire agency — and how you retain evidence that verification occurred.

7. Policy Review Cycle and Version Control

A policy last reviewed before the strengthened standards were published signals to an auditor that the document may not reflect current requirements. Your policy should state a review frequency (annually at minimum, and upon any relevant legislative change), carry a version number, show the date of last review, and name the approving officer. Auditors will check whether the review has actually occurred by requesting board or management meeting minutes, or a sign-off record.

Policy Template Excerpt: What Compliant Language Looks Like

The following is a realistic excerpt illustrating the kind of language auditors expect to see. It is a structural guide, not legal advice — adapt it to your organisation's context.

Policy element	Example compliant wording
Scope	"This policy applies to all employees, contractors, volunteers and students who occupy a risk-assessed role as defined under the NDIS Worker Screening Rules 2020 (Cth)."
Pre-engagement	"No person may commence duties in a risk-assessed role until the People & Culture Manager has verified a current NDIS Worker Screening clearance and recorded the clearance number in the Worker Screening Register."
Ongoing monitoring	"The People & Culture Manager will review the Worker Screening Register monthly and cross-check clearance status via the NDIS Worker Screening portal. Any notification of suspension, exclusion or cancellation will be escalated to the CEO within 24 hours."
Exclusion response	"Upon receipt of an exclusion notice, the worker will be immediately stood down from all risk-assessed role duties. The CEO will notify affected participants and their nominees and arrange continuity of support within two business days."
Review	"This policy will be reviewed annually and following any amendment to the NDIS Worker Screening Rules or NDIS Practice Standards. The next scheduled review date is [DATE]. Version: [X.X]. Approved by: [ROLE], [DATE]."

The Most Common Non-Conformances in SIL Audits

No centralised screening register — clearance records are scattered across individual personnel files with no single source of truth. Auditors cannot efficiently verify coverage and providers cannot quickly demonstrate compliance when asked.
Policy does not address contractors and agency workers — scope limited to direct employees only, leaving a visible gap that auditors flag as a systemic risk.
Clearance verification not documented — workers hold clearances, but there is no record of who verified the clearance, when, and against which number. The clearance existing is not enough; verification must be evidenced.
No process for ongoing monitoring — policy states workers "must hold" a clearance but does not describe how currency is checked after hire.
Exclusion response is vague — "appropriate action will be taken" does not satisfy the auditor's need to see a defined, time-bound escalation process that protects participants.
Policy not updated post-2023 rule changes — the strengthened framework introduced updated expectations; an outdated document is a visible red flag even if underlying practice is sound.

Steps to Prepare Your Policy Before Your Next Audit

Pull your current worker screening policy and check the review date. If it pre-dates the most recent NDIS Practice Standards update, schedule an immediate revision.
Map every role in your organisation against the definition of risk-assessed role under the NDIS Worker Screening Rules. Document your rationale for inclusions and exclusions.
Reconcile your worker screening register against current staff, contractor, and volunteer lists. Resolve any gaps before the audit window opens.
Verify that your policy explicitly names who is responsible for pre-engagement verification, ongoing monitoring, and exclusion response — by role title, not just "management."
Test your escalation pathway: if the Worker Screening Unit contacted your organisation today with a suspension notice, could your team follow the documented steps without confusion?
Ensure your register shows clearance numbers and verification dates, not just a tick or a "yes" column.
Obtain board or management sign-off on the updated policy and retain the minutes or sign-off record as evidence of governance oversight.

How This Fits Within Your Broader Compliance Framework

Worker screening policy does not stand alone. Auditors assess it in conjunction with your recruitment and induction procedures, your incident management policy (which must address worker-related incidents), your complaints policy, and your key personnel declarations. Providers preparing for registration renewal or a certification audit under the strengthened 2026 standards benefit most from reviewing all these documents as a coherent set rather than in isolation.

If you are building or rebuilding your full policy suite, the 74-document audit-ready SIL compliance kit available at ndiscompliant.com.au is designed specifically for this purpose — covering worker screening, incident management, restrictive practices authorisation, and all other Practice Standard domains in one package.

Important: This article provides general guidance about NDIS compliance requirements. It is not legal or professional advice. Requirements may change as the NDIS Commission updates its policies and Practice Standards. Always verify current requirements with the NDIS Quality and Safeguards Commission or a registered NDIS consultant before making compliance decisions.