Does a self-managed NDIS participant need a complaints policy?

No. Complaints management policies, registers, and formal complaint resolution procedures are obligations of registered NDIS providers, not self-managed participants. A self-managed participant should still keep records of service agreements and payments, but formal quality system documents are not required.

What is the difference between a verification audit and a certification audit for NDIS providers?

A verification audit applies to providers with lower-risk registration groups and is typically a desktop document review. A certification audit applies to providers in higher-risk groups — including most SIL providers — and involves an on-site assessment of documents, processes, and interviews with participants and staff. Certification audits are more intensive and require a broader evidence file.

How often do registered SIL providers need to be audited?

The standard registration period is three years, with a mid-term audit required at the halfway point. The NDIS Commission may also conduct unscheduled compliance audits at any time if concerns are raised. Providers should maintain audit-ready documentation continuously, not just in the lead-up to scheduled audits.

Do workers engaged by a self-managed participant need NDIS Worker Screening clearances?

Yes, in certain circumstances. Workers in risk-assessed roles — such as those providing direct personal care or accessing a participant's home — must hold a valid NDIS Worker Screening clearance regardless of whether the participant is self-managed, plan-managed, or agency-managed. The clearance obligation sits with the worker and the engaging organisation or participant.

What happens if a registered provider cannot produce required documents during an audit?

An inability to produce required evidence during a certification or verification audit typically results in a non-conformance finding. Depending on severity, this can lead to conditions being placed on registration, a directed corrective action plan, or in serious cases, a recommendation against registration renewal. The NDIS Commission has broad powers to investigate and take compliance action.

Are behaviour support plans mandatory for all SIL providers?

Not automatically — behaviour support plans are required when a registered provider is supporting a participant for whom a regulated restrictive practice has been authorised, or where a registered behaviour support practitioner has assessed that a plan is needed. SIL providers must have systems in place to identify when a plan is required, ensure one is obtained, and ensure all staff who implement it are trained and have access to the current version.

Self-managed vs registered provider: documents you need in 2026

Who this checklist is for

Two very different documentation obligations exist in the NDIS ecosystem. A self-managed participant controls their own funding and can engage any worker or service, but their paperwork burden sits almost entirely with them as a participant, not as a business entity. A registered NDIS provider — including every organisation delivering Supported Independent Living (SIL) — carries a substantially heavier compliance load under the NDIS Quality and Safeguards Commission's Practice Standards and Code of Conduct.

With the strengthened 2026 NDIS Practice Standards now in effect, many SIL and specialist disability accommodation providers are discovering gaps in their document libraries at the worst possible moment: during a scheduled quality audit. This checklist maps out what each party needs, where they differ, and which documents draw the most scrutiny from approved quality auditors.

Documents a self-managed participant needs

Self-managed participants are not registered providers and are therefore not subject to NDIS Commission audits. However, they must be able to demonstrate appropriate use of their NDIS funding if queried by the NDIA or in an audit of participant records. The core documents are:

Written service agreements — with each worker or provider they engage, setting out services, hours, rates, and cancellation terms.
Invoices and payment records — retained to show every payment was for an NDIS-funded support and was reasonable and necessary.
Plan management or self-management statement — confirming the participant's management type and budget categories.
Worker identity and qualification records — evidence that workers hold relevant qualifications or clearances where the support type requires them (e.g., behaviour support practitioners).
NDIS Worker Screening clearances — for workers delivering certain risk-assessed roles, clearance is mandatory regardless of whether the participant is self-managed.

Notably absent from the self-managed list: formal incident management systems, complaints policies, governance frameworks, or quality audit evidence files. Those obligations belong to registered providers.

Documents a registered NDIS provider must hold

Registered providers are assessed against one or more NDIS Practice Standards modules depending on their registration groups. SIL providers are typically assessed against the Core module, the High Intensity Daily Personal Activities module, and often the Specialist Behaviour Support module. An approved quality auditor will request evidence across every applicable standard.

Governance and operational management

Organisational governance policy — board or executive structure, delegations, meeting minutes.
Risk management framework and current risk register.
Business continuity and emergency management plan.
Financial management policies demonstrating separation of NDIS funds.
Insurance schedule (public liability, professional indemnity, workers compensation).

Workforce management

NDIS Worker Screening policy — documented process for obtaining, recording, and monitoring clearances.
Worker screening register — current clearance numbers, expiry dates, and role classifications for every worker in a risk-assessed role.
Position descriptions aligned to support type and qualifications required.
Induction records and competency evidence (manual handling, medication administration, restrictive practices authorisation where applicable).
Supervision and performance appraisal records.
Code of Conduct acknowledgement, signed by all workers and contractors.

Participant-facing documentation

Service agreements — signed by or on behalf of each participant, covering scope, fees, cancellation, and complaint rights.
Individual support plans or SIL support plans, updated in line with each participant's NDIS plan review cycle.
Participant welcome or participant handbook, covering how to make a complaint and how to access an independent advocate.
Consent forms — for sharing information with third parties, taking photographs, emergency contacts.
Transition and exit planning records.

Incident management

Incident management policy — including definitions of reportable incidents under the NDIS (Incident Management and Reportable Incidents) Rules.
Incident register — record of all incidents, internal reviews, and actions taken.
Evidence of reportable incident notifications submitted to the NDIS Commission within the required timeframe.
Root cause analysis documentation for serious incidents.

Complaints management

Complaints management policy — aligned to NDIS (Complaints Management and Resolution) Rules.
Complaints register — de-identified record of every complaint, outcome, and systemic issues identified.
Evidence that complainants are informed of their right to escalate to the NDIS Commission.

Restrictive practices (SIL-specific)

For SIL providers supporting participants for whom a restrictive practice has been authorised, the documentation obligations are particularly stringent:

Behaviour Support Plans — prepared by a registered behaviour support practitioner, current, and accessible to all staff involved in delivering the plan.
State or territory authorisation documentation for each regulated restrictive practice used.
Restrictive practice reporting records submitted to the NDIS Commission as required.
Staff training evidence specific to the behaviour support strategies in each plan.

Side-by-side comparison

Document category	Self-managed participant	Registered SIL provider
Service agreements	Required	Required
Worker screening records	Required for risk-assessed roles	Required — formal register mandatory
Financial / payment records	Required	Required (more complex)
Governance and risk framework	Not required	Mandatory — audit evidence needed
Incident management system	Not required	Mandatory — including reportable incident notifications
Complaints policy and register	Not required	Mandatory
Behaviour Support Plans	Provided by registered practitioner	Must hold, implement, and report on
Quality audit evidence file	Not required	Mandatory — certification or verification audit

Where registered providers most commonly fall short

Quality auditors consistently identify the same categories of non-conformance in SIL provider audits:

Outdated service agreements — agreements that pre-date the participant's current NDIS plan or the strengthened Practice Standards, with missing provisions around consent, cancellations, or complaint rights.
Incomplete worker screening registers — expired clearances, contractors not recorded, or volunteers in risk-assessed roles without clearances.
Incident registers with closed gaps — incidents recorded but no evidence of root cause analysis, staff debrief, or systemic review for recurring events.
Behaviour Support Plans not accessible to staff — plans filed centrally but not available to support workers at the point of care, particularly in group or shared living settings.
No evidence of participant feedback loops — complaints policy exists on paper but there is no demonstrated process for gathering, reviewing, and acting on participant feedback.

Practical steps to get audit-ready in 2026

Map your registration groups against the current Practice Standards modules to confirm exactly which standards apply to your organisation.
Conduct a document gap analysis — list every policy, procedure, register, and evidence file an auditor will request, then identify what is missing, outdated, or undocumented.
Assign document owners — each policy should have a named staff member responsible for review, version control, and distribution.
Build your evidence file — policies alone are not enough. Auditors want to see completed forms, signed records, meeting minutes, and training logs that demonstrate the policy is implemented in practice.
Review all service agreements against the current participant plans and update any that reference outdated support types, rates, or funding categories.
Test your incident and complaint systems — run a simulated incident through your process end-to-end and check the paper trail against what an auditor would expect to see.

Providers building their document library from scratch — or bringing it up to the strengthened 2026 standard — may find it useful to start with a structured compliance kit. The ndiscompliant.com.au 74-document audit-ready SIL compliance kit is one practical option that covers the full range of policies, registers, and evidence templates auditors commonly request, pre-mapped to the current Practice Standards modules.

Key takeaway

The documentation gap between a self-managed participant and a registered SIL provider is substantial. Self-management requires sound record-keeping; registration requires a functioning quality management system with evidence of implementation. The 2026 strengthened Practice Standards have raised the bar, particularly around behaviour support, restrictive practices, and participant-directed feedback. Start your gap analysis early — waiting until an audit notice arrives does not leave enough time to build genuine evidence of practice.

Important: This article provides general guidance about NDIS compliance requirements. It is not legal or professional advice. Requirements may change as the NDIS Commission updates its policies and Practice Standards. Always verify current requirements with the NDIS Quality and Safeguards Commission or a registered NDIS consultant before making compliance decisions.