This is the most frequently cited non-conformance in NDIS audits. Auditors check the NDIS Worker Screening Database directly and compare it to your staff list. If a worker in a risk-assessed role has an expired, pending, or missing clearance — that is a non-conformance regardless of whether the worker is outstanding at their job.
Prevention: Track clearance expiry dates in your HR system. Set alerts at 90 days and 30 days before expiry. Block rostering for workers whose clearance has expired until renewal is confirmed.
Providers often complete mandatory training but fail to store completion certificates and records properly. Auditors ask for training records for a sample of staff. If you cannot produce the certificate, the training may as well not have happened from a compliance perspective.
Prevention: Store every training certificate in the worker's digital personnel file. Record completion date, trainer, RTO number, and certificate expiry. Run a training compliance report before every audit.
Three types of incident management failures are common:
Prevention: Use a structured digital incident reporting system. Ensure it automatically flags whether an incident is reportable to the Commission. Include a review workflow so managers must sign off on each incident report.
Many providers purchase policy packages that are well-written but have never been implemented. Auditors interview staff and participants to verify that policies are actually followed. If staff cannot describe the complaints process, or if no complaints have been logged despite participants being on service for years, that raises questions.
Prevention: Review your policies with front-line staff. Make sure they understand them, can explain them, and actually follow them. A shorter policy that staff know is better than an extensive one they have never read.
Auditors look for evidence that complaints are being received, recorded, and resolved. A complaint register that is empty is not evidence of satisfied participants — it is evidence of a non-functioning complaints process. Participants rarely complain formally to providers; they need to be actively encouraged and offered multiple ways to do so.
Prevention: Proactively offer participants and families information about how to make a complaint at every service agreement review. Record all feedback — even informal comments that lead to service changes — in your complaints system.
Participant plans change. If your records reflect an old support plan, an outdated risk assessment, or a behaviour support plan from two years ago that has since been revised, that is a non-conformance.
Prevention: Set a regular review cycle for each participant's records. When a plan is reviewed, update the records in your system on the same day. Flag participants whose NDIS plan end date is approaching so you can confirm the plan has been renewed before the expiry date.
The NDIS Practice Standards require that participants are informed of their rights, supported to make choices, and involved in decisions about their supports. Auditors look for evidence of this — not just a policy statement that says it happens.
Evidence might include: signed service agreements that explain rights, records of support plan review meetings, notes documenting participant preferences and choices, and evidence that participants can change providers without penalty.
In the 3 months before an audit:
The providers who consistently pass audits are not the ones who scramble to prepare. They are the ones whose systems generate compliance evidence automatically as part of normal operations. Digital incident management, automated credential alerts, structured documentation — these are not extra admin, they are the infrastructure of a compliant provider.
CareIQ's incident management, qualification tracking, credential alerts, and compliance dashboard create the evidence auditors ask for automatically. 2-month free trial, no setup fee.
Start Your 2-Month Free Trial