Commonwealth Coat of Arms of Australia

National Disability Insurance Scheme (Approved Quality Auditors Scheme) Guidelines 2018

made under subsection 181D(2) of the

National Disability Insurance Scheme Act 2013

Compilation No. 3

Compilation date: 15 November 2021

Includes amendments up to: F2021N00274

Registered: 20 November 2021

About this compilation

This compilation

This is a compilation of the National Disability Insurance Scheme (Approved Quality Auditors Scheme) Guidelines 2018 that shows the text of the law as amended and in force on 15 November 2021 (the compilation date).

The notes at the end of this compilation (the endnotes) include information about amending laws and the amendment history of provisions of the compiled law.

Uncommenced amendments

The effect of uncommenced amendments is not shown in the text of the compiled law. Any uncommenced amendments affecting the law are accessible on the Legislation Register (www.legislation.gov.au). The details of amendments made up to, but not commenced at, the compilation date are underlined in the endnotes. For more information on any uncommenced amendments, see the series page on the Legislation Register for the compiled law.

Application, saving and transitional provisions for provisions and amendments

If the operation of a provision or amendment of the compiled law is affected by an application, saving or transitional provision that is not included in this compilation, details are included in the endnotes.

Editorial changes

For more information about any editorial changes made in this compilation, see the endnotes.

Modifications

If the compiled law is modified by another law, the compiled law operates as modified but the modification does not amend the text of the law. Accordingly, this compilation does not show the text of the compiled law as modified. For more information on any modifications, see the series page on the Legislation Register for the compiled law.

Selfrepealing provisions

If a provision of the compiled law has been repealed in accordance with a provision of the law, details are included in the endnotes.

 

 

 

Contents

Introduction

Part 1 – Preliminary

1 Name

3 Authority

4 Definitions

5 Interpretation

Part 2 – Standards and Process Requirements

6 Applicants

7 Applicable NDIS Practice Standards and assessment method

8 Application for Audit

9 Audit Application Review and Assessment Process

10 Audit Program

11 Composition of the audit team

12 Verification audits

13 Certification audits

14 Stage One Audits

15 Stage Two Audits

16 Audit Reporting

17 Review

18 NDIS Provider Certification or Verification Decision

19 NDIS Provider Certification and Verification documentation

20 JASANZ Register

21 Midterm audit

22 Recertification and reverification

23 Changes Affecting NDIS Provider Certification or Verification Decisions

24 Termination, Reduction, Suspension or Withdrawal of Certification Verification Decisions

25 Records

26 Complaints and appeals

27 Provisional audits

28 Approved Quality Auditor’s Auditors and Personnel

29 Management of Competence for Personnel Involved in the Certification and Verification Process

30 Competence Requirements for Auditors, including auditors with technical expertise

31 Audit Team Roles

32 Auditors with Technical Expertise

33 Consumer Technical Experts

34 Evaluation Processes

35 Mechanism for Safeguarding Impartiality

36 Transitional mattersSurveillance (monitoring) and midterm audits

Annex A – Code of Conduct for Approved Quality Auditors (normative)

Annex B – Audit methodology and sampling (normative)

Annex C – Timeframe for correcting nonconformities

Annex D – Registration classes/groups exempted from sampling requirements

Endnotes

Endnote 1—About the endnotes

Endnote 2—Abbreviation key

Endnote 3—Legislation history

Endnote 4—Amendment history

Introduction 

 

This instrument is made by the Commissioner of the NDIS Quality and Safeguards Commission (the Commissioner).  The Commissioner is assisted by the staff of the NDIS Quality and Safeguards Commission (the Commission) to perform a range of functions under the National Disability Insurance Scheme Act 2013 (Act).  These include functions related to approved quality auditors and the assessments they conduct under the Act.

 

This instrument is underpinned by the United Nations Convention on the Rights of Persons with Disabilities (UNCRPD) to prevent exploitation, violence and abuse of people with disability and is intended to uphold the rights of people with disability. To support this, this instrument makes consumer technical experts (CTEs), or people with disability, part of the audit process. The Commission, along with the Department of Social Services, will work closely with key stakeholders to design the CTEs arrangements under this instrument.

 

Overview of the core accreditation processes for the Approved Quality Auditors Scheme

 

This instrument supports the delivery of certification and verification services by Certification Bodies seeking accreditation in alignment with ISO/IEC 17065:2012 towards becoming an approved quality auditor under the NDIS Approved Quality Auditors Scheme. The JASANZ accreditation criteria for becoming a Certification Body are set out in subsection 6(4).

 

The Approved Quality Auditors Scheme provides the framework for auditing of registered NDIS providers, including the approval process for approved quality auditors who will conduct the audits.  The standard approval process will recognise accreditation of an auditor to ISO/IEC 17065:2012. The intention of the Approved Quality Auditors Scheme is to set out the accredited third party conformity assessment regime to which NDIS providers will be subject. All registered NDIS providers offering supports and services to participants must meet quality and safety requirements in the Act (and NDIS rules).

The conformity assessment requirements are applied against the NDIS Practice Standards which are set out in legislative instruments made under section 73T of the Act. The NDIS Practice Standards draw on the National Standards for Disability Services and National Standards for Mental Health Services. The development of the NDIS Practice Standards was overseen by a Technical Reference Group. This group included representatives from each of the state and territory governments, the Commonwealth Department of Health, the National Disability Insurance Agency (NDIA), peak bodies representing people with disabilities and disability service providers. Unions and the peak body for disability advocates were also consulted.

 

The Commissioner approves a person or body to become an approved quality auditor under section 73U of the Act. The assessment of an approved quality auditor (certification, for providers delivering higher risk support classes and verification for providers delivering lower risk support classes) may be relied on by the Commissioner when making decisions under the Act.

 

For example, the certification and verification attestations of an approved quality auditor may be relied on by the Commissioner in considering whether to register an applicant as a registered NDIS provider. Section 73E(1)(c) of the Act provides: ‘The Commissioner may register a person as a registered NDIS provider ifthe applicant has been assessed by an approved quality auditor as meeting the applicable standards and other requirements prescribed by the NDIS Practice Standards’. The outputs of approved quality auditors may be relevant to imposing conditions of registration on registered NDIS providers, or in considering applications for registration (section 73G and section 73E(5)(d) of the Act), varying registration unilaterally (section 73L of the Act) or taking action under (section 73M), suspending registration (section 73N), or revoking registration (section 73P). Conditions of registration may extend to the ‘timing and type of audits’ required of registered NDIS providers (section 73G(3) of the Act).

 

The Commission may utilise approved quality auditor surveillance activities and outputs for its complaints investigation processes (section 73X of the Act), compliance notices (section 73ZM of the Act), banning orders (section 73ZN of the Act), enforceable undertakings (section 73ZP of the Act), and/or injunctions (section 73ZQ of the Act).

 

If the criteria in section 73E are met, the Commissioner will issue the applicant with a certificate of registration. The conformity assessment certification or verification will not be publicly displayed or otherwise publicly available unless required to be made available by law. It will be used by the Commissioner to assist with the performance of functions and exercise of decisionmaking powers under the Act.

Part 1 – Preliminary

1  Name

  This instrument is the National Disability Insurance Scheme (Approved Quality Auditors Scheme) Guidelines 2018.

3  Authority

  This instrument is made under subsection 181D(2) of the National Disability Insurance Scheme Act 2013.

4  Definitions

Note: A number of expressions used in this instrument are defined in section 9 of the Act, including the following:

(a) National Disability Insurance Scheme rules;

(b) NDIS Practice Standards;

(c) NDIS provider;

(d) nominee;

(e) participant;

(f) plan;

(g) restrictive practice.

  In this instrument:

Act means the National Disability Insurance Scheme Act 2013.

Approved quality auditor means a person or body approved by the Commissioner under section 73U of the Act.

Audit duration means the part of the audit time spent conducting audit activities, from opening meeting to closing meeting, inclusive.

Auditor means a person employed, contracted or otherwise engaged by the approved quality auditor to conduct an audit. An auditor includes an auditorintraining but does not include a consumer technical expert.

Auditorintraining is a newly qualified auditor with less than 4 supervised (by an audit team leader) audits performed over a 12 month period.

Audit team means a team of auditors and other personnel established by an approved quality auditor to conduct an audit.

Audit team leader is an experienced auditor who is qualified to lead audit teams and to supervise auditorsintraining.

Audit time means the total time needed to plan and accomplish a complete and effective audit against the applicable standards and other requirements within the scope of audit, and is exclusive of time spent reporting to the Commission.

Behaviour support plan means:

 (a) a comprehensive behaviour support plan; or

 (b) an interim behaviour support plan.

Certification audit means an audit for the purposes of ascertaining whether an NDIS provider meets the applicable standards using the certification assessment method described in section 5 of the National Disability Insurance Scheme (Provider Registration and Practice Standards) Rules 2018.

Certification Body or CB means a body that has received accreditation by JASANZ against this Scheme, towards becoming an approved quality auditor.

Clinical means a bodily procedure or intervention that requires a measured level of competency.

Commission System means the online system or portal that the Commission, approved quality auditors and NDIS providers will use for the purposes of the Act, including the accessing and maintenance of records of registration.

Commission means the NDIS Quality and Safeguards Commission, which is established under section 181A of the Act.

Commissioner means the Commissioner of the NDIS Quality and Safeguards Commission.

Consent is where a participant provides written consent for an approved quality auditor and their auditors and personnel to access the participant’s records, discuss the participant’s supports or make contact with them, and then disclose those records containing personal information to the Commission. A request for consent is the responsibility of the NDIS provider, and a participant has the right to decline consent for auditing purposes.

Consumer technical expert means a person with disability who has the training, experience or skills to be involved in the audit team (see section 33).

Corrective action plan means an action plan developed by the provider that defines those corrections and corrective actions to be taken by the provider to address identified nonconformities.

Critical risk means any uncontrolled risk which may impact on participant safety including the incidents that must be covered as described in section 9 of the National Disability Insurance Scheme (Incident Management and Reportable Incident) Rules 2018.

  Functional behavioural assessment means the process for determining and understanding the function or purpose behind a person’s behaviour, and may involve the collection of data, observations, and information to develop an understanding of the relationship of events and circumstances that trigger and maintain the behaviour.

  IAF MD2 means the current version of the International Accreditation Forum Inc. Mandatory Document for the Transfer of Accredited Certification of Management Systems.

 Note: This can be accessed here https://www.iaf.nu/articles/Mandatory_Documents_/38

  IAF MD4 means the current version of the International Accreditation Forum Inc. Mandatory Document for the Use of Information and Communication Technology (ICT) for Auditing/Assessment Purposes.             

  Note: This can be accessed here https://www.iaf.nu/articles/Mandatory_Documents_/38

  IEC means the International Electrotechnical Commission.

Initial scope of audit document  is automatically generated by the Commission’s system following completion of the application to register as an NDIS provider, or the registration renewal process, containing the NDIS provider’s registration groups, applicable NDIS Practice Standards as well as other key information about the NDIS provider’s service delivery as stated by the provider on the registration application form or through the registration renewal process.

 Note: The initial scope of audit document is intended to be used by approved quality auditor to provide a quote for the cost of certification/ verification. Once the NDIS provider has engaged their preferred approved quality auditor the approved quality auditor is required to work with the NDIS provider to ensure the scope of audit is correct.

Inspection means the part of the certification assessment that is the inspection of the sites, facilities, equipment and services used, or proposed to be used, in the delivery of supports or services by an NDIS provider.

ISO means the International Organization for Standardization.

  JASANZ – the Joint Accreditation System of Australia and New Zealand being the body responsible for the accreditation of Certification Bodies (CBs) against this Approved Quality Auditors Scheme to inform the Commissioner’s decision relating to the approval of an approved quality auditor.

Midterm audit means an audit conducted for the purposes of section 13B of the National Disability Insurance Scheme (Provider Registration and Practice Standards) Rules 2018 (see section 21 of this instrument).

NDIS behaviour support practitioner means a person the Commissioner considers is suitable to undertake behaviour support assessments (including functional behavioural assessments) and to develop behaviour support plans that may contain the use of restrictive practices.

NDIS provider has the meaning under section 9 of the Act.

Nominee has the meaning given under section 9 of the Act.

Outcomes are the elements of quality support which should be achieved for people with disability receiving support, identified through the NDIS Practice Standards.

Participant has the meaning given under section 9 of the Act.

Note: For the purposes of the Scheme and the NDIS Practice Standards, where a participant is supported by a nominee or decision maker (such as a family member), where the context requires the term ‘participant’ should be read as including the nominee or decision maker.

Proportionality means having regard to the matters set out in subsection 5(1A) of the National Disability Insurance Scheme (Provider Registration and Practice Standards) Rules 2018.

Provisional audit is an audit conducted when a new provider is entering the NDIS market, but they do not yet have any participants for the particular registration class.

Qualified certification decision means the outcome of a provisional audit as described in section 27(3) of this instrument.

Registration renewal date means the registration expiry date (or the last date of the period of registration) listed on a registered NDIS provider’s certificate of registration, and is the date before which an application for registration under section 73C of the Act must be commenced in the Commission’s system in order for the registered NDIS provider’s registration to continue in accordance with section 73K of the Act until the Commissioner makes a decision on the application.

Registration classes (sometimes known as registration groups) are the classes (or groups) of supports and services being delivered under the NDIS categorised into registration classes depending on the type of service or support delivered to participants by the NDIS provider as set out in the table at section 20 of the National Disability Insurance Scheme (Provider Registration and Practice Standards) Rules 2018.

  Regulated restrictive practice means a restrictive practice that is or involves any of the following:

 (a) seclusion, which is the sole confinement of a person with disability in a room or a physical space at any hour of the day or night where voluntary exit is prevented, or not facilitated, or it is implied that voluntary exit is not permitted;

 (b) chemical restraint, which is the use of medication or chemical substance for the primary purpose of influencing a person’s behaviour. It does not include the use of medication prescribed by a medical practitioner for the treatment of, or to enable treatment of, a diagnosed mental disorder, a physical illness or a physical condition;

 (c) mechanical restraint, which is the use of a device to prevent, restrict, or subdue a person’s movement for the primary purpose of influencing a person’s behaviour but does not include the use of devices for therapeutic or nonbehavioural purposes;

 (d) physical restraint, which is the use or action of physical force to prevent, restrict or subdue movement of a person’s body, or part of their body, for the primary purpose of influencing their behaviour. Physical restraint does not include the use of a handson technique in a reflexive way to guide or redirect a person away from potential harm/injury, consistent with what could reasonably be considered the exercise of care towards a person;

 (e) environmental restraints, which restrict a person’s free access to all parts of their environment, including items and activities.

Note: For the definition of restrictive practice, see section 9 of the Act.

Scheme means this Approved Quality Auditors Scheme.

  Scope of audit means the range of services and supports that are to be assessed by the approved quality auditor as meeting the applicable standards and other requirements prescribed by the NDIS (Provider Registration and Practice Standards) Rules 2018. Services and supports funded through the NDIS are within the scope of audit.

 Note: The Commission’s system will automatically generate an initial scope of audit document based on the information entered by the NDIS provider. This document will be emailed to the provider’s primary contact.

Senior Practitioner is responsible for oversight of the use of behaviour support interventions by NDIS providers, the approval of NDIS behaviour support practitioners and leading best practice in behaviour support.

Specified changes or events means a change or event of which notice is required to be given by a registered NDIS provider to the Commissioner as described in sections 13 or 13A of the National Disability Insurance Scheme (Provider Registration and Practice Standards) Rules 2018.

  Support plan means a document developed, in consultation with the participant, by an appropriately skilled professional within the provider organisation prior to the commencement of supports.

Stage one audit means an audit as described in section 14 of this instrument.

Stage two audit means an audit as described in section 15 of this instrument.

Technical expert means a person, who is not an auditor, who provides specific knowledge or expertise to the audit team (see subsections 11(7), (8) and (9))”.

Auditors with technical expertise are auditors who have established and quantifiable technical expertise in a particular area that enables them to form a qualified opinion regarding a particular aspect of an NDIS provider’s activities (see section 32).

Verification audit means an audit for the purposes of ascertaining whether an NDIS provider meets the applicable standards using the verification assessment method described in the definition of ‘verification’ contained in section 4 of the National Disability Insurance Scheme (Provider Registration and Practice Standards) Rules 2018.

Virtual site means the provision of supports or services using an online environment.

Witnessed audit is an audit by:

(a) JASANZ of an auditor of an approved quality auditor; or

(b) an approved quality auditor of one of its auditor’s conduct;

and not of the NDIS provider.

Worker has the meaning given in section 4 of the National Disability Insurance Scheme (Provider Registration and Practice Standards) Rules 2018.

5  Interpretation

 (1) A reference in this instrument to a provider includes a reference to a person who is applying to become a registered NDIS provider.

 (2) A reference in this instrument to a participant includes a reference to:

(a) a prospective participant; and

(b) a person with disability receiving supports or services from a provider under the arrangements set out in Chapter 2 of the Act; and

(c) a person with disability receiving supports or services from a person included in a class of persons prescribed for the purposes of subparagraph (b)(ii) of the definition of NDIS provider in section 9 of the Act.

 (3) A reference in this instrument to a participant providing consent, includes a nominee providing consent on a participant’s behalf.

 (4) This instrument is intended to be read in conjunction with:

(a) the United Nations Convention on the Rights of Persons with Disabilities;

(b) ISO/IEC 17065 Conformity Assessment – requirements for bodies certifying products, processes and services;

(c) the Act and all rules made under section 209 of that Act as in force from time to time;

(d) the International Accreditation Forum Inc. Mandatory Document for the Use of Information and Communication Technology (ICT) for Auditing/Assessment Purposes (IAF MD4); and

(e) the International Accreditation Forum Inc. Mandatory Document for the Transfer of Accredited Certification of Management Systems (IAF MD2).

Note: These are the documents required to fully and properly utilise the technical standards in this instrument.  In ISO terms, they are normative references. The document described in paragraphs:

 5(4)(a) can be found at: https://www.un.org/development/desa/disabilities/conventionontherightsofpersonswithdisabilities/conventionontherightsofpersonswithdisabilities2.html

 5(4)(b) can be found at: https://www.iso.org/standard/46568.html

 5(4)(c) can be found at: https://www.legislation.gov.au/

 5(4)(d) and (e) can be found at: https://www.iaf.nu/articles/Mandatory_Documents_/38

Part 2 – Standards and Process Requirements

6  Applicants

(1) An audit for the purposes of carrying out an assessment under Part 3A of Chapter 4 of the Act and section 13B of the National Disability Insurance Scheme (Provider Registration and Practice Standards) Rules 2018 is conducted by an approved quality auditor.

(2) In deciding whether to approve a person or body as an approved quality auditor under section 73U of the Act, the Commissioner may consider whether that person or body can properly conduct audits in accordance with this instrument.

Note 1: Pursuant to subsection 33(3) of the Acts Interpretation Act 1901, where an Act confers a power to make, grant or issue any instrument of an administrative character, the power shall be construed as including a power exercisable in the like manner and subject to the like conditions (if any) to repeal, rescind, revoke, amend or vary any such instrument.

Note 2: Accordingly, in making a decision to revoke the approval of a person or body to be an approved quality auditor in reliance on subsection 33(3) of the Acts Interpretation Act 1901, the Commissioner may take into account whether they failed to maintain an appropriate standard of auditing, including by reference to the matters in subsection 6(3).

(3) Matters which the Commissioner may (but is not required to) take into account when forming a view under (2) include:

(a) whether the person or body  has been accredited by JASANZ;

(b) whether relevant staff of the person or body have completed Commission auditor training; and

(c) any other matter the Commissioner considers relevant to the conduct of audits in accordance with this instrument.

(4) For the purposes of this section, accreditation by JASANZ means accreditation by JASANZ by reference to:

(a) the JASANZ Accreditation Manual;

(b) ISO/IEC 17065:2012 Conformity assessment — Requirements for bodies certifying products, processes and services – available from your national standards writing body,

(c) this instrument, and

(d) JASANZ Policy 03/11 Transfer of Accredited Management Systems Certification.

7  Applicable NDIS Practice Standards and assessment method

  (1) Section 13B and Part 6 of the National Disability Insurance Scheme (Provider Registration and Practice Standards) Rules 2018 and Part 2 of the National Disability Insurance Scheme (Practice Standards – Worker Screening) Rules 2018 specify the applicable standards and the method of assessment for an assessment by an approved quality auditor. In conducting a certification or verification audit the applicable NDIS Practice Standards to be assessed are:

(a) Schedule 1 – Schedule 7 to the National Disability Insurance Scheme (Provider Registration and Practice Standards) Rules 2018 set out NDIS Practice Standards that apply in relation to a certification audit;

(b) Schedule 8 to the National Disability Insurance Scheme (Provider Registration and Practice Standards) Rules 2018 sets out relevant NDIS Practice Standards that apply in relation to a verification audit; and

(c) Part 2 of the National Disability Insurance Scheme (Practice StandardsWorker Screening) Rules 2018 sets out NDIS Practice Standards that apply in relation to a certification and a verification audit.

Note: Section 23 of the National Disability Insurance Scheme (Provider Registration and Practice Standards) Rules 2018 and section 10 of the National Disability Insurance Scheme (Practice Standards – Worker Screening) Rules 2018 provide that if compliance with an applicable standard must be assessed using verification, the requirement is met if compliance with the standard is assessed using certification. 

(2) The National Disability Insurance Scheme (Quality Indicators for NDIS Practice Standards) Guidelines 2018 set out indicators and other matters to be taken into account when assessing compliance with the NDIS Practice Standards.

Note: The National Disability Insurance Scheme (Quality Indicators for NDIS Practice Standards) Guidelines 2018 can be found at www.legislation.gov.au

(3) In conducting a verification and certification audit, auditors should have regard to the current document published by the Commission which outlines the evidence that auditors must receive to assess conformity with the verification module of the NDIS Practice Standards as set out in Schedule 8 to the National Disability Insurance Scheme (Provider Registration and Practice Standards) Rules 2018.

Note:  The Commission’s document entitled ‘NDIS Practice Standards: Verification Module – Required Documentation’ is available at https://www.ndiscommission.gov.au/document/1051

8  Application for Audit

(1) On request from the NDIS provider, the approved quality auditor shall provide a quotation for the cost of the certification audit or verification audit, based on the initial scope of audit document supplied by the NDIS provider on the basis that:

(a) the quote will be provided to the NDIS provider on a ‘noobligation’ basis and free of charge; and

(b) the NDIS provider shall be made aware that any change in the scope of the audit may impact upon the final cost.

Note: An NDIS provider may request quotations from a number of approved quality auditors prior to selecting their preferred supplier.

(2) If the NDIS provider has requested a quote for a verification audit, but the cost of undertaking that verification audit would exceed the cost of performing a certification audit against the Schedule 1 of the National Disability Insurance Scheme (Provider Registration and Practice Standards) Rules 2018, then the approved quality auditor should supply the NDIS provider with the requested quote plus the separate costs of undertaking the certification audit.

(3) The NDIS provider may then decide whether to proceed with a verification audit or go through the certification audit process.

(4) Once the preferred approved quality auditor has been selected, the NDIS provider will provide them with a unique reference number that they can use to access the relevant sections of the NDIS providers record on the Commission’s system.

(5) Any transfer of JASANZaccredited NDIS certifications or verifications under this Scheme should be in accordance with the IAF MD2 and the JASANZ Accreditation Manual, except that the approved quality auditor receiving the transfer should also notify the Commission no later than 2 business days of receiving notice that the transfer is expected to occur.

(6) The written notification may be provided through the Commission’s system.

9  Audit Application Review and Assessment Process

(1) Prior to conducting certification or verification audits the approved quality auditor shall review the initial scope of audit document.

Note: The Commission’s system will automatically generate an initial scope of audit document based on the information entered by the NDIS provider. This document will be emailed to the provider’s primary contact.

(2) In consultation with the NDIS provider the approved quality auditor shall review the initial scope of audit supplied by the NDIS provider to confirm (if applicable):

(a) range of registration groups selected to provide reflects actual or intended services provided;

(b) types of participants receiving services, including disability type, age groups, diversity factors such as whether a participant is indigenous or culturally and linguistically diverse;

(c) geographic coverage of services provided;

(d) location and number of sites where supports are provided or coordinated;

(e) number of participants; and

(f) number of workers providing services to participants.

(3) The approved quality auditor should update the NDIS provider’s record on the Commission’s system to accurately reflect the scope of audit or other details about the NDIS provider. This may include uploading evidence. The approved quality auditor will need the NDIS provider’s written approval to make these changes.

(4) The final scope of audit shall be agreed once the above and any other relevant factors are ascertained. The agreed final scope of audit shall be provided to the Commission, and shared with the NDIS provider by the approved quality auditor using the Commission’s system.

10  Audit Program

(1) Subject to (2), the audit program for an NDIS provider shall be in accordance with any conditions on the registration of that provider regarding the types or timing of quality audits under section 73G of the Act.

Note: The conditions of registration imposed under section 73G of the Act are set out in the certificate of registration issued by the Commissioner.

(2) If no such conditions are imposed on the registration of an NDIS provider, the certification audit program for the evaluation activities in the initial cycle shall include:

(a) a twostage initial audit;

(b) if applicable, a midterm audit; and

Note: See section 21 of this instrument for further information about midterm audit requirements.

(c) a recertification or verification audit in the third year, no earlier than six months before the registration renewal date.

(3) For the purposes of (2), the initial cycle is three years long and begins on the registration approval date.

(4) The determination of the audit program and any subsequent adjustments shall also be in accordance with proportionality and dependent on any identified need to correct nonconformities as set out in Annex C.

(5) The Commissioner may authorise an approved quality auditor to assess an applicant or a registered NDIS provider against an applicable NDIS Practice Standards or processes by conducting a review of the outcomes and evidence from a comparable quality audit process undertaken in relation to the applicant or provider, if the Commissioner considers it is appropriate to do.

Note: Section 5 of the National Disability Insurance Scheme (Provider Registration and Practice Standards) Rules 2018, authorises the Commissioner to consider comparable quality audit processes for a certification audit.

11  Composition of the audit team

(1) Subject to (2), a certification or recertification audit shall be conducted by an audit team consisting of at least two auditors.

Note: An auditor includes an auditorintraining.

(1A) Provisional audits, midterm audits and verification audits shall be conducted by an audit team consisting of at least one auditor.

Note: Each audit team, with the exception of an audit team for a verification audit, needs to include an audit team leader (see subsection 11(5)).

(2) The Commissioner may on request or own motion provide oneoff special approval for an audit team for a particular audit to consist of one auditor if the Commissioner, is satisfied that there are exceptional circumstances, and issues a notice to that effect, to the approved quality auditor.

(3) An approved quality auditor should request a special approval from the Commission in writing, providing details for why the special approval is sought, no later than ten working days prior to the planned date of the stage two audit.

(3A) Except as otherwise provided in this instrument and in accordance with the required minimum numbers of auditors, the approved quality auditor may determine the responsibilities of auditors within the audit team for an audit, including the number of auditors that attend the inspection and interviews. Those responsibilities, and that number, shall be in accordance with proportionality.

Note: This instrument contains requirements regarding the roles of members of the audit team including audit team leaders, auditorsintraining, auditors with technical expertise, and consumer technical experts.

(4) Wherever possible the composition of the audit team shall reflect the characteristics of the supports provided (or intended to be provided) and the participants receiving (or intended to receive) the supports, such as:

(a) nature of the disability;

(b) cultural background; or

(c) other diversity factors.

(5) Each audit team shall include an audit team leader who satisfies the requirements for an audit team leader as described in sections 30 and 31 of this instrument. However, an audit team for a verification audit need not have an audit team leader.

(6) The composition of the audit team shall satisfy the minimum requirements for each service type within the scope of audit.

(7) Where an audit requires particular technical expertise the audit team shall include an auditor with the required technical expertise, or a technical expert in the relevant field.

(8) Technical experts shall have recognised qualifications and experience in the field or services area to be audited.

(9) For the purposes of (8), a person must be at least a registered nurse with current Australian Health Practitioners Regulation Agency registration, in order to be a technical expert in relation to a clinical matter.

12  Verification audits

Subject to section 9, audits for the purpose of verification shall include those activities in a stage one audit as specified in section 14 this instrument.

13  Certification audits

Certification audits shall comprise both those activities in a stage one audit as specified in section 14, and those activities in a stage two audit as specified in section 15.

14  Stage One Audits

(1) Subject to (2), a stage one audit is an offsite audit that shall incorporate a review of:

(a) the selfassessment responses completed by the NDIS provider as part of the registration application, or registration renewal process  and associated documents submitted by the NDIS provider, available through the NDIS provider’s application record accessed through the Commission’s system.

(b) the prior NDIS provider certification or verification outcome, corrective actions and audit report, if applicable; and

(c) any additional requirements raised by the Commission.

 

Note: The purpose of this review is to allow the approved quality auditor to collect sufficient verifiable information to contribute to stage two of the NDIS provider certification or verification process.

(2) A stage one audit may be conducted onsite where:

(a) the audit is for the purpose of certification or recertification; and

(b) the NDIS provider has given the approved quality auditor prior written agreement to the audit being conducted onsite.

(3) Stage two audits should commence within three months of the completion of the stage one audit.

(4) Prior to undertaking a stage two audit for NDIS provider certification purposes,  the approved quality auditor shall:

(a) where an instance of nonconformity has been found, or the audit team suspects an instance is likely to be found   supply the NDIS provider with the findings of the stage one audit at least two weeks before the commencement date of stage two audit;

(b) where no instances of nonconformity are identified or suspected supply the NDIS provider with the findings of the stage one audit a minimum of one (1) week before the commencement of the stage two audit.

(5) The findings referred to in (4) shall:

(a) state whether the range of documents and information supplied displayed sufficient content to meet the requirements of the relevant modules (or parts) of the NDIS Practice Standards; and

(b) clearly identify the NDIS provider’s registration class(es)/groups that will be included in the audit, key personnel, and number of participants, and propose how key personnel and participants are best involved in the audit.

Note For verification audits the audit findings shall be reported in line with the requirements of subsection 16(6).

(6) If the audit team determines that a NDIS provider is unlikely to be suitably prepared for their stage two audit, the audit team leader or approved quality auditor shall inform the NDIS provider and also inform the Commission using the Commission’s system that the stage two audit is likely to be delayed while the provider corrects the identified, or likely to be identified, nonconformities.

15  Stage Two Audits

(1) In conducting a stage two audit, the approved quality auditor shall evaluate the effectiveness and implementation of the NDIS provider’s systems in addressing all relevant modules or parts of the NDIS Practice Standards.

(2) Prior to commencing the inspection and interviews, the approved quality auditor shall:

(a) notify the Commission of the intended date of the audit using the Commission’s system;

(b) check the Commission’s system for any relevant information;

(c) ensure the provider has obtained prior informed consent from each participant selected to be part of the audit;

(d) develop an audit plan in accordance with proportionality and incorporates information from section 14(4) and the requirements of Annex B (as applicable);

(e) seek written agreement from the NDIS provider of the audit plan, and

(f) keep a copy of the agreed audit plan.

(5) During the stage two audit the audit team leader shall:

(a) chair and maintain records of opening and closing meetings with the NDIS provider;

(b) in the event that a critical risk relating to criminal acts or child protection concerns is identified:

(i) immediately notify the approved quality auditor, the Commission and any relevant authorities (such as the police) of the risk; and

(ii) cease the audit until the Commission notifies the approved qualified auditor that it may recommence;

(c) in the event that a critical risk not covered by (b) is identified:

(i) immediately notify the approved quality auditor of the risk; and

(ii) document the critical risk, and mitigations taken to date and then seek sign off by the approved quality auditor prior to submitting to the Commission using the Commission’s system within 24 hours; and

 Note: The Commission will acknowledge receipt and make recommendations about next steps see subsection 16(11).

(d) ensure the NDIS provider receives a written copy of the audit findings at the closing meeting.

(6) The approved quality auditor processes for the stage two audit meet the minimum requirements for sampling outlined in Annex B of this instrument, except where it is a provisional audit or where the provider is delivering one of the registered group/classes outlined in Annex D in which case no minimum sampling requirements apply.

(7) The approved quality auditor shall have a documented process for the calculation of stage two audit duration.  This process shall be in accordance with proportionality and include as a minimum the following aspects (as applicable):

(a) minimum audit duration of half a day (equating to 4 hours of work);

(b) size and complexity of the service being audited including geographic spread between regional and outreach services from the primary service hub;

(c) results of prior audits;

(d) sampling methodology applied to scope of audit (where applicable)

(e) approved quality auditor auditing practices;

(f) use of technical experts; and

(g) requirement that the audit duration comprises at least 80% of the estimated total audit time.

Note: ‘Audit time’ is defined in terms which exclude time spent reporting to the Commission – see section 4.

(8) The auditing process shall be respectful of participants and their family and minimise disruption to service delivery.

(9) Auditors shall collect a range of audit evidence in relation to compliance with the applicable standards in the National Disability Scheme Insurance (Provider Registration and Practice Standards) Rules 2018, including:

(a) information directly from participants; 

(b) information from family/friends/carer/nominees and/or independent advocates (with participant consent);

(c) the documented support plan and evidence of the delivery of supports to execute the plan; and

(d) all the supports delivered by the NDIS provider to the participant.

Note: The range of audit evidence under subsection 15(9) of this instrument is not relevant to provisional audits see section 27 of this instrument.

(10) Subject to subsection 15(11), a stage two audit shall be conducted onsite.

(11) An approved quality auditor may conduct a stage two audit of an NDIS provider remotely where:

(a) remote auditing is appropriate having regard to proportionality; and

(b) at least one of the following applies to the NDIS provider:

(i) the NDIS provider operates in remote or regional areas (as defined within the Accessibility/Remoteness Index of Australia);

(ii) the NDIS provider operates from virtual sites;

(iii) the NDIS provider provides classes of supports involving limited interaction with participants; and

(c) the approved quality auditor is accredited to IAF MD4.

16  Audit Reporting

(1) At the completion of the stage two audit conducted for the purpose of NDIS provider certification, the audit team shall prepare a written report using the Commission’s template and by completing all required fields in the relevant NDIS provider record in the Commission’s system.

(2) The certification audit report shall include the following matters:

(a) whether the NDIS provider will be recommended for full certification or if conditions should be applied to the registration requiring a stage two audit for any registration group where service delivery could not be assessed;

(b) an executive summary;

(c) demonstrate corroboration of evidence triangulated wherever possible from a variety of reliable sources;

(d) evidence from documented records and interviews with stakeholders that can be substantiated information provided with relevant and quantified examples;

(e) demonstrate the relationship between actual and expected outcomes;

(f) report attainment ratings against each outcome and indicator as determined at the time of the audit;

(g) ensure finding statements and corrective action requests are completed and appropriate to the level of attainment and risk determined;

(h) identify opportunities for improvement; and

(i) certification recommendations against each outcome within the applicable NDIS Practice Standards.

(3) The approved quality auditor can only recommend NDIS provider certification or verification where a NDIS provider has demonstrated that all criteria in the relevant NDIS Practice Standards are being met at the level of ‘Conformity’ (except in the circumstances described in 16(4) of this instrument), as described in Annex B, clause B.12.

(4) Certification or verification may be recommended where minor non conformities have been identified but the NDIS Provider has demonstrated to the approved quality auditor evidence of an acceptable corrective plan, prior to the recommendation being made.

 

Note:  Timeframes for addressing nonconformities are specified at Annex C.

(5) A rating of ‘0 – Major NonConformity’ shall preclude a certification.

(6) At the completion of a verification audit, the approved quality auditor shall complete all required fields of the relevant provider record within the Commission’s system.

(7) In the event that a critical risk relating to criminal acts or child protection concerns is identified other than as part of a stage two audit, the audit team leader or the approved quality auditor shall notify the Commission and any relevant authorities (such as the police) of the risk immediately.

(8) In the event that a critical risk not covered by (7) is identified other than as part of a stage two audit, the audit team leader or the approved quality auditor shall notify the Commission of the risk within 24 hours.

(9) Reporting to the Commission should be made through the Commission’s system where possible.

(10) If internet is not available, the approved quality auditor may report by phone, and follow up using the Commission’s system or through email as soon as practicable.

(11) The Commission shall recommend the next course of action in relation to the critical risk not covered by (7).

17  Review

(1) The audit report shall be proof read, independently reviewed, endorsed by the audit team leader, and provided to the NDIS provider for comment, before it is submitted to the Commission using the Commission’s system. 

(2) The approved quality auditor shall clearly document any disagreement between the approved quality auditor and NDIS provider. 

(3) This review process shall include but is not limited to:

(a) ensuring the report is factual and accurate and meets standards for reporting audit evidence; and

(b) ensuring the audit activities conducted were technically adequate and properly documented;

(4) Every audit report, and any document provided to the approved quality auditor by the NDIS provider as part of a stage one audit, shall be uploaded to the NDIS provider’s record on the Commission’s system by the approved quality auditor within time requirements for submission of information/reports as outlined in the Scheme.

(5) Timeframes for submission are:

(a) For certification audits (including midterm audits) no more than twenty eight calendar days post completion of the certification audit or as soon as practicable for midterm audits; and

(b) For verification audits no more than fourteen calendar days post completion of the verification audit.

(6) Where the content of the audit report is deemed by the Commission to be inadequate or incomplete the approved quality auditor may be requested to submit any additional evidence. The approved quality auditor shall submit this evidence within two working days of the request, unless otherwise agreed with the Commission.

18  NDIS Provider Certification or Verification Decision

(1) An approved quality auditor shall not issue a NDIS provider certification or verification decision to the NDIS provider.

(2) An approved quality auditor shall issue a NDIS provider certification or verification decision to the Commission and make a recommendation with the accompanying audit report to the Commission, for consideration in making the registration determination.

Note: The Commission shall notify the approved quality auditor of its registration decision in regards to NDIS provider the approved quality auditor has audited. For registration approvals, the registration decision will include the date of registration, and the period of registration.

(3) The decision to continue NDIS provider certification following a midterm audit constitutes a certification decision, and requirements of subsections 1 and 2 apply.

(4) The date of a certification or verification decision is not the same as the registration approval date which is the date on which the Commission decides to approve an application to be registered as a registered NDIS provider or to approve an application to continue that registration.

(5) Timeframes for the audit program and the audit cycle set out in section 10 are calculated from the registration approval date and not the date of the certification or verification decision.

19  NDIS Provider Certification and Verification documentation

(1) NDIS provider certification and verification decision documentation shall only be issued by an approved quality auditor to the Commission.

Note: The Commission may consider certification and verification documents from an approved quality auditor when making decisions under the Act.

(2) NDIS provider certification and verification documents issued by the approved quality auditor shall include the name of the NDIS provider, its Australian Business Number and may also include the registered business name (or registered trading name if prior to November 2018).

(3) The documents shall not just show the registered business or trading name, if this is not also the name of the legal or other entity which operates using that name.

(4) NDIS provider certification and verification documents shall state the registration class(es)/ group(s) the NDIS provider is certified or verified in relation to.

(5) Where the provider is registered for the ‘high intensity daily personal activities’ registration class/ group, then the certification documents shall also state which outcomes, as defined in Part 3 of the National Disability Insurance Scheme (Quality Indicators for NDIS Practice Standards) Guidelines 2018, were within the audit scope and similarly, which outcomes were not included in the audit scope.

20  JASANZ Register

(1) The JASANZ Register will include information in relation to registered NDIS providers and approved quality auditors.

(2) In relation to registered NDIS providers, JASANZ may include in the JASANZ Register a link to the NDIS provider register published in accordance with section 73ZS of the Act.

(3) In relation to approved quality auditors, JASANZ may include in the JASANZ Register a link to the list of approved quality auditors published by the Commissioner in accordance with section 73U of the Act.

Note: The NDIS Provider Register can be viewed here: www.ndiscommission.gov.au

21  Midterm audit

(1) Midterm audits shall be in accordance with section 13B of the National Disability Insurance Scheme (Provider Registration and Practice Standards) Rules 2018 and be in accordance with proportionality.

Note: Section 13B of the National Disability Insurance Scheme (Provider Registration and Practice Standards) Rules 2018 provides that a midterm audit applies to a NDIS provider registered to provide a class of supports for which, under the table in subsection 20(3) to that instrument, the assessment method for the applicable standards is certification, with the exception of:

(i) a provider that is a partnership or individual and the only registration groups for which certification is required under the table in subsection 20(3) is early intervention supports for early childhood;

(ii) a provider for which the only registration group is specialist disability accommodation only; and

(iii) a transitioned provider.

Section 13B provides that a midterm audit is to use certification and must commence no later than 18 months after the beginning of the period for which the provider’s registration is in force. For each registration group for which a midterm audit is required, the audit must assess whether the provider has met, and is meeting, the following applicable standards for the registration group:

(i) the standards in Part 3 of Schedule 1 to that instrument;

(ii) any standard for which a previous assessment by an approved quality auditor identified a need for the provider to implement a corrective action plan; and

(iii) any standard specified in relation to the audit by the Commissioner in a written notice given to the provider.

(3) For establishing the audit team composition for a midterm audit, the requirements in section 11 of this instrument apply.

Note: The audit team for a midterm audit shall consist of at least one auditor, who is an audit team leader (see subsections 11(1A) and (5)).

22  Recertification and reverification

(1) The recertification activity shall include the review of previous midterm audit reports and consider the performance of the management system over the most recent NDIS provider certification cycle, and shall include the activities in Part 2 of this instrument.

(2) A recertification or reverification audit shall be planned to occur no earlier than six months prior to the registration renewal date, and where possible be conducted before that date to evaluate the continued fulfilment of all requirements of the NDIS Practice Standards, and shall confirm the continued conformity and effectiveness of the NDIS provider’s policies, procedures and practices.

(3) In addition, each recertification audit shall also address:

(a) effectiveness of the service in its entirety, and its continued appropriateness for meeting the conditions of registration of the NDIS provider;

(b) demonstrated commitment to maintain the effectiveness and improvement of the service to enhance overall performance; and

(c) effectiveness of the service with regard to achieving the certified NDIS provider’s objectives and the intended results of its service to participants.

Note: A registered NDIS provider must commence the registration renewal via the Commission’s system to allow recertification to commence.

(4) Recertification or reverification audits shall include a stage one audit which will include a selfassessment from the NDIS provider indicating where any variation or changes to their previous selfassessment have occurred.

(5) For any major nonconformity raised in a recertification or reverification audit, the approved quality auditor shall specify time limits for correction and corrective actions to the registered NDIS provider which are consistent with Annex C.

(6) In any event, corrections shall be implemented and verified prior to the expiration of NDIS provider certification.

(7) When a recertification or reverification audit is successfully completed prior to the expiry of the existing certificate, the expiry date of the new certification or verification decision (‘Decision’) shall be three years from the expiry of such an existing decision. This is unless the Commissioner has varied the certificate of registration under section 73L to be subject to a reduced period of registration, in which circumstances the expiry date of the Decision should align with the end of the period of registration..

(8) The recertification expiry date must align with the registration renewal expiry date.

(9) If the NDIS Provider has commenced the registration renewal application prior to the registration expiry, then the certification or verification shall continue to apply while the recertification or reverification process is undertaken, in accordance with the requirements of Part 2 of this instrument.

(10) The effective date on the certificate shall be aligned with the registration renewal approval date and expiry date, which can only occur if the NDIS provider has commenced the registration renewal process on the Commission’s system prior to the expiry of the registration.

23  Changes Affecting NDIS Provider Certification or Verification Decisions

(1) A NDIS provider seeking to add additional registration groups will use the appropriate Commission form to request a variation of registration through the Commission system.

(2) The Commission’s system will notify the associated approved quality auditor of the changed scope and whether the NDIS Provider is required to be verified or certified against additional modules or parts of the NDIS Practice Standards.

(3) Changes that do require the NDIS provider to be verified or certified against additional modules or parts of the NDIS Practice Standards shall be considered part of the midterm audit.

(4) The approved quality auditor may conduct audits of registered NDIS providers at short notice or unannounced to investigate complaints, or in response to specified changes or events.

(5) In the event of (4), the approved quality auditor shall exercise additional care in the assignment of the audit team because of the lack of opportunity for the NDIS providers to object to audit team members.

(6) An approved quality auditor may conduct audits of a registered NDIS provider at short notice or unannounced, if requested in writing by the Commission.

(7) The approved quality auditor shall keep records of all such communication and verification of changes.

(8) If the Commission suspends, revokes, or otherwise varies the registration of an NDIS provider, appropriate action shall include consideration of the change of the scope in future recertification or verification audits (if applicable).

24  Termination, Reduction, Suspension or Withdrawal of Certification Verification Decisions

(1) The information to substantiate nonconformity with the NDIS provider certification or verification requirements shall include all relevant, disclosable information about the NDIS provider, and be provided to the Commission, on request.

(2) The approved quality auditor shall keep a record of this information.

(3) The approved quality auditor shall notify the Commission through the Commission’s system seven calendar days prior to suspending or withdrawing NDIS provider certification or verification decision.

(4) The Commission shall take into account the withdrawal of NDIS provider certification or verification decision in considering the ongoing registration of the NDIS provider.

(5) The withdrawal of the NDIS provider certification or verification decision does not necessarily mean the Commission will suspend the registration. 

(6) The approved quality auditor shall collaborate with the Commission in formulating all communication relating to withdrawal or suspension of certification or verification decisions and keep a record of all related documents.

(7) The approved quality auditor shall notify the Commission through the Commission’s system seven calendar days prior to making any decisions to resolve a suspension of a verification or certification decision.

25  Records

 Records required to be kept in accordance with this instrument are required to be kept for 7 years.

26  Complaints and appeals

No additional requirements to ISO/IEC 17065:2012

27  Provisional audits

(1) An NDIS provider shall be subject to a provisional audit in circumstances where that provider:

(a) has applied for registration that is subject to the certification assessment method; and

Note: ‘Certification is defined in section 5 of the National Disability Scheme Insurance (Provider Registration and Practice Standards) Rules 2018 and the classes subject to certification are identified in section 20 or section 22 of those rules.

(b) is a new provider that has developed systems and processes to deliver NDIS supports and services but has not as yet commenced service delivery.

(2) A provisional audit shall consist of:

(a) a stage one audit (offsite); and

(b) an initial stage two audit which has the following modifications to reflect that the provider has not yet commenced service delivery;

(i) subsection 15(9) of this instrument does not apply to the audit; and

(ii) evidentiary requirements in Annex B do not apply to the audit.

Note: A provisional audit does not require witnessing (including interviews) because this audit occurs prior to the provider commencing the delivery of services.

(2A) Despite subsection 27(2), the activities referred to in that subsection may be undertaken as a single onsite audit.

(3) The outcome of a provisional audit is a qualified certification decision.

(4) If a provider that is subject to a qualified certification decision is subsequently registered by the Commissioner, then a further stage two audit (without the modifications specified in subsection 27(2) of this instrument) may be required once the provider has commenced service delivery.

Note: The Commissioner may impose conditions to which the registration of a person as a registered NDIS provider is subject, see section 73G of the Act.

(5) Generally, it would be appropriate for an audit for the purposes as described in subsection (4) to occur before the midterm audit.

(6) Where the NDIS provider’s systems are assessed as compliant, the process for advising the Commissioner is to use the Commission’s system as for other audit outcomes.

(7) After an audit under subsection (4) of this instrument, the approved quality auditor shall advise the Commissioner whether a full certification decision is appropriate, or if the approved quality auditor suggests the registration of the NDIS provider should continue to be subject to registration conditions relevant to the qualified certification decision.

28  Approved Quality Auditor’s Auditors and Personnel

(1) All audit activities, whether performed by the approved quality auditor’s auditors or personnel or outsourced, shall comply with the requirements of ISO/IEC 17065, including those requirements for identifying the top management having overall authority and responsibility for fulfilling all requirements of this Scheme.

(2) The approved quality auditor shall conduct employment probity checks for all auditors prior to their participating on an audit team probity checks will include national police record checks, and working with children/vulnerable persons checks and referee checks.

(3) National police record and working with vulnerable persons checks (or equivalent) shall be updated at least every three years, or in line with the requirements of the state or territory in which it was issued.

(4) The approved quality auditor shall disseminate to their auditors in a timely manner all relevant information from the Commission.

(5) The approved quality auditor and all of their auditors and technical experts shall attend all training or meetings with the Commission as required by the Commissioner, and maintain associated attendance records.

Note: All costs related to the attending meetings and training will be met by the approved quality auditor.

29  Management of Competence for Personnel Involved in the Certification and Verification Process

(1) The approved quality auditor shall have a process for determining the competence criteria for personnel involved in the management and performance of audits and other certification or verification activities for each registration class/group, and for each function in the NDIS provider certification process. 

(2) The output of the process shall be the documented criteria of required knowledge and skills necessary for the effective performance of audit, verification and certification tasks.

(3) The approved quality auditor will document this process and make it publicly available.

30  Competence Requirements for Auditors, including auditors with technical expertise

(1) The approved quality auditor shall ensure that all of their auditors (other than consumer technical experts) have:

(a1) provided evidence of successful completion of an auditor or lead auditor’s course.  As a minimum these courses should meet the requirements of competency standards BSBAUD501 Initiate a quality audit; BSBAUD504 Report on a quality audit; and BSBAUD402 Participate in a quality audit (audit team members) or BSBAUD503 Lead a quality audit (audit team leaders) or NZQA Audit quality management systems for compliance with quality standards (Unit Standard 8084) or equivalent coursework (as documented and justified by the approved quality auditor);

(a) the appropriate disability and cultural awareness, as required by their engagement, and an understanding of disability from a participant perspective. This includes an understanding and awareness of how Culturally and Linguistically Diverse (CALD), Indigenous, and Lesbian, Gay, Bisexual, Trans, Intersex and Queer differences may impact on the Participant’s perspective of disability; and

(b) appropriate knowledge of the operations of the NDIS Practice Standards and this instrument by successfully completing all relevant training offered by the Commission, including auditor training.

31  Audit Team Roles

(1) With respect to an auditorintraining, an approved quality auditor shall ensure that newly qualified auditors work in a team in a trainee capacity for a provisional period of no fewer than four audits over a twelvemonth period which are fully supervised by an experienced audit team leader.

Note:  An auditor includes an auditorintraining.  This means that the number of auditors in any audit team includes any auditorintraining.

(2) An auditorin training shall not work independently until such time as they have been assessed as competent by an experienced audit team leader.

(3) An audit team leader is responsible for coordinating the audit and accordingly must have the capability to perform responsibilities including but not limited to:

(a) arranging the audit team;

(b) confirming the membership of the audit team is appropriate to the type of audit being conducted;

(c) ensuring each audit team member has completed a conflictofinterest declaration;

(d) ensuring the audit is conducted in accordance with this instrument;

(e) confirming audit arrangements with the NDIS provider.

(4) Subject to (5), prior to undertaking the role of audit team leader, an auditor shall have participated in a minimum of four certification audits totalling at least eight days audit duration under the supervision of an experienced audit team leader.

(5) In special circumstances, an auditor may undertake the role of audit team leader, if the auditor has accrued equivalent experience to (4) auditing the provision of supports and services to people with disability other than under this Act.

(6) Special circumstances include circumstances where it is not possible for, or reasonable to expect, any auditor to have accrued the experience described at (4)

Example: Until the audit obligations in the Act come into effect (from 1 July 2018) there is no capacity for an auditor to begin to accrue the experience described at (4), however, there is a requirement for there to be audit team leaders from the commencement.  As a result, it is anticipated that the special circumstances in (6) are likely to apply in the period immediately following the commencement of the audit obligations, and taper off as it is increasingly reasonable to expect an auditor to have experience auditing under this Act.

32  Auditors with Technical Expertise

(1) An auditor with technical expertise shall audit specified components or modules of the NDIS Practice Standards that require a level of technical expertise in the service area being audited, as detailed in subsection 11(7) of this instrument.

(2) Where an auditor is acting as an auditor with technical expertise the auditor shall hold a relevant practising certificate and meet the specific competency requirements as set out in subsection 11(7) of this instrument.

(3) An auditor with technical expertise may participate in an audit as a member of the audit team, or may provide advice or opinion on specific matters.

33  Consumer Technical Experts

(1) Consumer technical experts will initially only be required to form part of the audit team when this is required by the Commissioner in relation to the particular NDIS provider (including when specified as a condition of registration).

(2) A consumer technical expert shall:

(a) possess demonstrated knowledge and skills related to and recent experience of the supports and services delivered under the registration class(es)/groups being audited;

(b) be competent to reach an informed opinion on the appropriateness of the services being offered within the service being audited; and

(c) be able to identify trends in relation to supports provided.

Note: A consumer technical expert is a person with disability who has the training, experience or skills to be involved in the audit team (see definition in section 4).  A person with disability may be included in an audit team, for example, where they have a disability relevant to the supports and services under the registration classes or groups subject to the audit.

34  Evaluation Processes

(1) The approved quality auditor shall:

(a) ensure all of their auditors and personnel, including consumer technical experts and technical experts, comply with the Code of Conduct as outlined in Annex A; and

(b) ensure their auditors can demonstrate having undertaken continual professional development through regular participation in education and training relevant to the registration class(es)/group(s) they primarily audit.

(2) The approved quality auditor shall have documented processes for the initial competence evaluation, and ongoing monitoring of competence and performance of all personnel involved in the management and performance of audits and other certification activities, applying the determined competence criteria. 

(3) The approved quality auditor shall demonstrate that its evaluation methods are effective:

(a) the output from these processes shall be to identify personnel who have demonstrated the level of competence required for the different functions of the audit and certification process;

(b) competence shall be demonstrated prior to the individual taking the responsibility for the performance of their activities within the approved quality auditor.

(4) The approved quality auditor shall undertake annual performance reviews of all their auditors (including audit team leaders) which includes consideration of the most recent witnessed audit

Note: A witnessed audit forms a part of the biennial performance review process required for each and every auditor of the approved quality auditor. If available, findings from a JASANZ witnessed audit performed within two years of the annual performance review may be used in lieu of the above.

(5) At a witnessed audit the witnessing auditor shall:

(a) have the experience of at least an audit team leader;

(b) not be a member of the audit team subject to the witnessed audit,

(c) not participate in the audit of the NDIS provider.

(6) The witnessing auditor shall focus on the performance of the auditor being witnessed and shall make no judgment of the NDIS provider.

(7) Witnessed audits may move to triennially where the following criteria are met:

(a) the auditor has been employed by the approved quality auditor for a period of two years;

(b) no complaints have been received that relate to the auditor’s performance including outcomes of report reviews;

(c) no nonconformities to the Scheme have been identified during witnessed audits by either the approved quality auditor or the Commission; and

(d) the auditor has undertaken a minimum of six audits within the previous twelve months and continues to participate in at least six audits per annum under this instrument.

(8) The approved quality auditor shall ensure that auditors with technical expertise include within their continual professional development:

(a) education covering all legislation and regulations relevant to the service setting; and

(b) current management of commonly occurring clinical conditions relevant to the service setting (where applicable).

35  Mechanism for Safeguarding Impartiality

(1) The approved quality auditor shall ensure that:

(a) all audit team members complete a conflictofinterest declaration before every audit;

Note: If a member of an audit team has previously conducted a gap analysis or similar services to the NDIS provider – see paragraph 35(1)(d), this is a conflict of interest that must be declared.

(b) Subject to subsection 35(3) of this instrument, it does not provide training to NDIS providers, auditors or contractors that includes content related to this instrument, the NDIS Practice Standards or the National Disability Insurance Scheme (Quality Indicators for NDIS Practice Standards) Guidelines 2018.

(c) When providing gap analysis, the approved quality auditor shall not provide auditing services under this instrument to that provider for a period of at least two years following the completion of that gap analysis; and

Note: A gap analysis for the purposes of subsection 35(1)(c) of this instrument is where an NDIS provider engages an approved quality auditor to evaluate their operations in the NDIS market giving consideration to the applicable standards, or education services for that NDIS provider.

(d) Where an audit team member has provided gap analysis to a particular NDIS provider, the approved quality auditor shall not allow that audit team member to provide auditing services under this instrument to that provider for a period of at least two years following the completion of that gap analysis; and

Note: A gap analysis for the purposes of paragraph 35(1)(d) of this instrument is where an NDIS provider engages an audit team member (either individually or through another entity) to evaluate their operations in the NDIS market giving consideration to the applicable standards, or education services for an NDIS provider.

(2) For the purposes of this section, gap analysis means an optional review conducted by an auditor who will not be conducting the audit or another organisation suitably qualified to do so. A gap analysis is designed to ascertain the degree of readiness of the NDIS provider to proceed to certification audit by identifying any gaps that may need addressing prior to the certification audit.

(3) Training about an approved quality auditor’s internal processes in relation to this Scheme and delivered inhouse by an approved quality auditor to their personnel that have already attended the Commission’s auditor training can be conducted by approved quality auditors.

Note: Training about this instrument, the NDIS Practice Standards or National Disability Insurance Scheme (Quality Indicators for NDIS Practice Standards) Guidelines 2018 will be provided by the Commission or its representative.

36  Transitional mattersSurveillance (monitoring) and midterm audits

(1) In this section:

Amendments means the amendments made by the National Disability Insurance Scheme (Provider Registration and Practice Standards) Amendment (2019 Measures No. 1) Rules 2019 to the National Disability Insurance Scheme (Provider Registration and Practice Standards) Rules 2018 (the Rules).

Rules means the National Disability Insurance Scheme (Provider Registration and Practice Standards) Rules 2018.

(2) The amendments commence on 1 January 2020.

(3) The amendments insert a new section 13B to the Rules which relates to audit requirements.  The new section 13B provides that it is a condition of their registration that registered NDIS providers must undergo a midterm audit if they are registered to provide a class of supports for which the assessment method is certification.

(4) The transitional provisions in subsection 30(3) of the Rules (as to be inserted by the National Disability Insurance Scheme (Provider Registration and Practice Standards) Amendment (2019 Measures No. 1) Rules 2019) provide that the new section 13B amendments relating to midterm audits apply on and after 1 January 2020 in relation to all registered NDIS providers, whether they were registered before, on or after that date.

(5) The previous version of these Guidelines specified that the audit program for registered NDIS providers which were required to undergo certification audits must include surveillance (monitoring) audits in the first and second calendar years following the registration decision, subject to certain exceptions. These requirements are removed from these Guidelines as of 1 January 2020.

(6) Where a surveillance (monitoring) audit was conducted and completed for a registered NDIS provider before 1 January 2020, the following applies:

(a) If the surveillance (monitoring) audit meets the requirements for midterm audits set out in section 13B of the Rules, then the Commissioner will accept that audit as being a midterm audit for the purposes of section 13B:

(b) The relevant requirements of midterm audits are set out in subsections 13B(3) to (5) of the Rules as follows:

(i) The audit was carried out by an approved quality auditor using certification; and

(ii) The audit was carried out no later than 18 months after the beginning of the period for which the provider’s registration is in force.

(iii) The audit assessed, for each of the class of supports whether the provider has met, and is meeting, the following applicable standards for the class of supports:

 the standards in Part 3 of Schedule 1 (those relating to provider governance and operational management);

 any standard for which a previous assessment by an approved quality auditor identified a need for the provider to implement a corrective action plan;

 any standard specified in relation to the audit, for the purposes of this paragraph, by the Commissioner in a written notice given to the provider.

(c) If the surveillance(monitoring) audit does not meet all the requirements of midterm audits as set out in subsections 13B(3) to (5) then a midterm audit will need to be conducted which meets all such requirements.

(d) If the surveillance(monitoring) audit meets the requirements as set out in subsections 13B(3) to (5), then the registered NDIS provider which was the subject of the audit will not be required to undergo a further midterm audit during its current registration period.

Annex A – Code of Conduct for Approved Quality Auditors (normative)

All approved quality auditor personnel (including auditors) shall:
 

 act professionally and ethically, and report findings in an accurate, consistent and unbiased manner and in accordance with the requirements of this Scheme and NDIS Practice Standards;

 adhere to the requirements of the Privacy Act 1988 (Cth), the Act and instruments, Competition and Consumer Act 2010 (Cth), Work Health and Safety Act 2011 (Cth) or equivalent Work Health & Safety legislation in the jurisdiction of the NDIS provider, and all other relevant legislation or regulations where applicable;

 not promote or represent any business interests or any entity with which they have an interest or may have an interest while conducting audits;

 not accept any inducement, commission or gift or any other benefit from any interested party whilst engaged to provide any auditing services to the provider;

 not communicate false, erroneous or misleading information that may compromise the integrity of any audit;

 not act in any way that would prejudice the reputation of the Commission or the approved quality auditor;

 cooperate fully with any inquiry in the event of a complaint about their performance as an auditor or any alleged breach of this code;

 accept that providers have the freedom to select and change their approved quality auditor and not to place any undue influence on providers when they are making a decision in this respect;

 refrain from making any comments on any particular auditors or approved quality auditor;

 respect participants’ rights during any interaction especially when assessing vulnerable populations.

All auditors shall (also):

 strive to increase the competence and prestige of auditors by continuing to develop their own auditing skills;

 not misrepresent their own or any other individual’s qualifications, competence or experience nor undertake auditing work beyond the scope of their own qualifications knowledge and expertise;

 not enter into any activity that may be in conflict with the best interests of the Commission or the approved quality auditor or that would prevent the performance of their duties in an objective manner.

Annex B – Audit methodology and sampling (normative)
 

B.1 Evidence Based Auditing

When conducting audits against the NDIS Practice Standards the approved quality auditor shall consider participants’ experiences of supports as an important part of the triangulation of evidence.  In the collection of evidence, the principles of sampling apply to the review of documents, interview attendee selection and observations.

 

B.2 High Risk Registration Classes/Groups

Sampling shall be prioritised to those registration classes/groups or service processes that are of the ‘highest risk’. These are:

(a) High Intensity Daily Personal Activities;

(b) Specialist Positive Behaviour Support (whether Module 2 and/or 2A);

(c) Early Intervention for Early Childhood;

(d) Specialist Disability Accommodation; and

(e) Specialist Support Coordination

B.3 Sample Methodology

The approved quality auditor shall take appropriate steps to ensure that the provider is made aware of and complies with the sampling methodology requirements (for example, through its contract with the provider).

In particular, the approved quality auditor shall take steps in relation to the following:

(a) The participant sampling methodology used under this Scheme is Opt Out sampling. This means that provider will need to advise all their participants that they are automatically enrolled into the audit process (i.e. they may be contacted by the audit team for interviews and/or have their files, records or plans reviewed to ensure compliance with the standard); and

(b) In the event that a participant does not want to participate in this audit process, the provider needs to document and respect that decision, and communicate it to the approved quality auditor. The approved quality auditor should document the number of participants that opted out of the sampling, including in the report for the relevant audit. 

 

B.4 Sample Size

Worker files and interviews

The minimum sample requirements for worker files and interviews are determined by reference to the minimum composition requirements for worker sampling (B.5 (e)), and what is needed to ascertain whether the provider is meeting the applicable NDIS Practice Standards in accordance with proportionality.

Participant files and interviews

There are no minimum sampling requirements for registration class(es)/group(s) listed in Annex D including for participant files, participant interviews and multisite sampling. Review of some participant files and participant interviews is expected to occur as a matter of course, however, when the assessment is being conducted using the certification method.

Note: Participant files and participant interviews are a key source of evidence for conformity assessment.

With respect to any registration class (or group), which is not listed in Annex D, approved quality auditors shall determine the minimum sample size in relation to participant files and interviews for all a provider according to the following method:

(a) Step 1 – Identify the total number of participants receiving supports or services from the provider at that time (total participants);

(b) Step 2 – Identify the number of participants receiving only supports or services falling into a category listed in Annex D at that time (Annex D participants);

(c) Step 3 – Subtract the number of Annex D participants from the total participants.  The result is the sample population number;

(d) Step 4 – if:

(i) the sample population number is 5 or less, then the sample population number is the minimum sample size for that provider;

Note: Care should be taken to ensure the anonymity of participants where there is a small sample size.

(ii) the sample population number is greater than 5, then the minimum sample size is determined using Step 5;

(e) Step 5 – if

(iii) the audit is for a certification or recertification, then take the square root of the sample population number and round up to the nearest integer.  The result is the minimum sample size for the provider;

(iv) the audit is a midterm audit, then take the square root of the sample population number, multiply by 0.6, then round up to the nearest integer.

 

Example 1: 

 

Approved quality auditor X is engaged by Provider Y to conduct a recertification audit.  At that time the provider delivers a range of NDIS supports and services to 40 participants.

 

 The total participants for Provider Y is 40.

 

Provider Y is registered for 3 registration groups, and one of them (community nursing care) is listed in Annex D.  A total of 12 participants receive a mix of services and supports from the provider (including community nursing care), but 8 receive only community nursing care.

 

 The Annex D participants for Provider Y is 8.

 

When step 3 is applied (total participants – Annex D participants), the sample population number for Provider Y is 32.

 

Because the sample population number is greater than 5, approved quality auditor X must apply Step 5 to determine the minimum sample size.

 

 The square root of the sample population number is 5.65, which is rounded up to 6.

 

The minimum sample size for provider Y is 6.  This means that approved quality auditor X must consider 6 participant files and 6 participant interviews.

 

 

Where an approved quality auditor finds nonconformity within the minimum sample sizes the sample size shall be increased by the number of nonconformities to verify whether the case is a system or process failure or a oneoff anomaly.

B.5 Sample Composition – files and interviews
 

(a) Where a provider is registered for a high risk registration class or group (see B.2), the sample must include participant files and participant interviews from all applicable highest risk registration groups. Where the random sample does not include these participants, the sample should be reselected until participants from the highest risk registration groups are included.

(b) The sample should include participant files and interviews from every site included within the sample (in line with multisite sampling requirements – see B.6)). Sites where supports or services belonging to a high risk registration group are delivered to participants should be included within the sample. If some high risk registration groups are excluded from the sample, due to the sample size, those sites that were not included should be sampled in the next or subsequent audit.

(c) Approved quality auditors shall not allow the provider to preselect samples.  This requirement applies to samples of workers and participants as well as participant files.

(d) Approved quality auditors shall work with the provider to ensure that there is diversity within the sample across the audit cycle and subsequent audit cycles this is to reduce the risk that the same participants or files are included within the audit sample for midterm audits or recertification audits.

(e) The workers sampled shall include workers in governance, management and service delivery roles, from all shifts (where applicable).

Note: This requirement may be achieved by interviewing workers working on a day or afternoon shift who also work night shifts as part of rotating duties or relief duties.

B.6 Sample Size and Composition – attendance at site

Where an NDIS provider has a single site, then that site must be attended as part of the certification audit.

Where an NDIS provider has more than one site (including head office), then the minimum number of sites which must be attended as part of an audit is determined according to the following methodology:

(a) Step 1 – identify the number of sites operated by the provider, including the head office (total sites);

(b) Step 2 – if:

(ii) The audit is for certification or recertification, take the square root of the total sites, and round up to the nearest integer.  This result is the minimum number of the provider’s sites which must be attended as part of an audit;

(iii) The audit is a midterm audit, then take the square root of the total sites, multiply by 0.6, then round up to the nearest integer.

The head office must always be one of the sites attended.

Where the provider delivers supports and services belonging to a high risk registration group, at least one site where the provider delivers those supports and services must be among the sites attended.

Example 2:

Approved quality auditor L is engaged by Provider M to conduct a midterm audit.  Provider R delivers NDIS supports and services through 16 outlets, in addition to its head office.

Approved quality auditor L determines that Provider M has 17 sites (total sites), being the number of outlets plus the head office.

The square root of 17 is 4.12. Approved quality auditor L multiples this by 0.6 to get 2.47, which approved quality auditor L rounds up to 3.

Approved quality auditor L identifies that they must attend at least 3 of the provider’s sites as part of the audit.

Approved quality auditor L includes the head office in the list, and examines the registration groups of the provider.  They identify that specialist positive behaviour support services are delivered to participants at one other site operated by the provider, and that another site was not subject to participant file or interview examination during the previous audit. Approved quality auditor L schedules the head office and these two other sites for site visits as the minimum, and then looks at whether it would be appropriate to include any others.

B.7 Random Sampling

In every audit, approved quality auditors shall select participant files through random sampling in addition to stratified sampling. Auditors are expected to select participants and workers for interview as randomly as possible with the aim of getting a representative sample across age, gender, diversity etc.

 

B.8 Incidental Sampling

In incidental sampling an approved quality auditor selects the sample based on the collection of evidence while following audit trails. Approved quality auditors shall not use incidental sampling as the principal form of evidence collection, but to supplement other information collected throughout the audit process.

 

B.9 Interviewing

Approved quality auditors shall use interviews to gather new audit evidence and to corroborate audit evidence.  Where possible, interviews should be conducted face to face; however, this should be guided by participant/interviewee preference.

 

Interviewing of workers, participants and family, friends, carers/nominees, independent advocates (where applicable) shall not take place solely in groups.  Interviewing of workers shall include workers directly providing services it shall not be isolated to the board, senior management or staff employed in a team leader or management capacity.

 

Interviews with individuals should seek their views on whether the support provider is meeting their expectations and where appropriate assisting them to attain their goals.

 

Approved quality auditors shall use interviewing to corroborate information such as how processes are implemented and their effectiveness.  The approved quality auditor shall ensure that when undertaking interviews auditors:

a) Obtain consent from interviewee(s) prior to conducting the interview (including through the use of supported decision making);

b) Conduct interviews in an appropriate environment that provides for adequate privacy;

c) Reduce barriers to effective communication (for example, do not use jargon, and take into account communication requirements or specific cultural requirements);

i. Where an interpreter is required to assist in an interview, that interpreter should have appropriate, recognized qualifications.

d) Introduce themselves to the interviewee(s) before beginning the interview;

e) Explain the purpose of the interview to the interviewee(s);

f) Explain that the interview is confidential and documented in such a manner to maintain anonymity;

g) Seek permission to take notes;

h) Start the interview using a standard set of questions;

i) Use a balance of open and closed questions;

j) Validate understanding by summarising information or reflecting back to the interviewee; and

k) End the interview by allowing the interviewee to ask any questions or make comments that may not have been covered within the interview.

B.10 Family, Friend, Carer or Nominee

During certification and recertification audits, auditors shall gather information from a sample of family, friends and carers/nominee through either an interview or a survey conducted by the approved quality auditor. The approved quality auditor shall ensure:

a) With the consent of the participant, family, friends, carers/nominees, and independent advocates (where applicable) are interviewed individually or as a group in accordance with their preference either in person or in a telephone interview, and

b) Where an approved quality auditor undertakes a survey of family, friend, carers/nominees the survey is posted or emailed to all family, friends, carers/nominees at least two weeks prior to a certification or recertification audit.  If posted, the survey shall include a prepaid envelope for the return of the survey. Where return of surveys is low, approved quality auditors shall look for other forms of evidence to ensure that they have confidence in the system.

B.11 Collection of Audit Evidence

Where an approved quality auditor determines that an event poses a serious risk of harm or potential harm to a participant the approved quality auditor is required to determine that the service in question has remedied the situation and the risk of reoccurrence is negligible or to further substantiate the risk and make an appropriate audit finding and agree on an action plan.  If a critical risk is identified the Commission is to be notified in accordance with section 15(5) of this instrument.

 

B.12 Ratings

For the purpose of stage one, stage two and midterm audits the level of compliance with criteria in applicable standards shall be rated as follows:

Rating

Attainment Level

Interpretation

3

Conformity with elements of best practice

The NDIS provider can clearly demonstrate conformity with best practice against the criteria. Best practice is demonstrated through innovative, responsive service delivery, underpinned by the principles of continuous improvement of the systems, processes and associated with the outcomes.

2

Conformity

The NDIS provider can clearly demonstrate that the outcomes and indicators are met evidence may include practice evidence, training, records and visual evidence. This would mean there was negligible risk and certification can be recommended.

1

Minor Nonconformity

A rating 1 will require a corrective action plan which reduces the likelihood of any risks identified occurring or impacting participant safety before certification or verification can be recommended one of two situations usually exists in relation to minor nonconformity:

 There is evidence of appropriate process (policy/procedure/guideline etc.), system or structure implementation, without the required supporting documentation

 A documented process (policy/procedure/ guideline etc.), system or structure is evident but the provider is unable to demonstrate implementation review or evaluation where this is required

0

Major Nonconformity

The NDIS provider is unable to demonstrate appropriate processes systems or structures to meet the required outcome and indicators and/or the gaps in meeting the outcome present a high risk Three Minor NonConformities within the same module may also constitute a Major NonConformity A rating of 0 will preclude a recommendation for certification.

 

The audit report shall reflect findings and ratings as determined at the time of the audit, and in accordance with requirements at section 16 of this instrument.  This will ensure that appropriate outcomes and associated indicators will be further monitored at subsequent audits.

Annex C – Timeframe for correcting nonconformities

Timeframe for correcting nonconformities

1. The approved quality auditor shall require a registered NDIS provider to present a corrective action plan to it within seven  calendar days of written notification of the nonconformity.

2. For a major nonconformity, the approved quality auditor shall undertake a desktop review of the implemented corrective actions within three calendar months of receiving the corrective action plan and shall, if necessary, conduct an onsite followup.

3. Critical risks or other serious matters would normally require an onsite followup or reaudit within three  calendar months.

4. Major nonconformities shall be downgraded or closed within three calendar months of initial written notification of the nonconformity.

5. For major nonconformities identified as part of a midterm or recertification audit, failure to downgrade or close a major nonconformity within three calendar months shall result in automatic suspension of the certification decision made by the approved quality auditor.

6. Minor nonconformities shall be closed out within eighteen calendar months of initial written notification at the midterm or recertification audit (whichever comes first); otherwise the minor nonconformity shall be escalated to a major nonconformity.

7. If a minor nonconformity has been escalated to a major nonconformity, failure to close out the major nonconformity within three calendar months shall result in automatic suspension of certification decision made by the approved quality auditor (i.e. a nonconformity that has been escalated to a major nonconformity shall not be downgraded back to a nonconformity).

8. If a major nonconformity has been downgraded to a minor nonconformity, failure to close out the nonconformity within twelve calendar months from the date of issue of the original finding shall result in automatic suspension of the certification decision of the approved quality auditor (i.e. a major nonconformity downgraded to a minor nonconformity shall be closed out within the remaining nine calendar months and not be escalated to a major nonconformity again)

9. The approved quality auditor shall conduct a followup in the most costeffective manner that ensures that major nonconformities have been properly downgraded or closed. This may entail a desktop review of documentation, supplemented by telephone interviews of workers and participants, to verify that the requirements of the applicable NDIS Practice Standards have been met.

10. Where the approved quality auditor has raised a major nonconformity or minor nonconformity, the relevant outcome or outcomes from the applicable NDIS Practice Standards will be audited at the midterm or recertification audit (whichever comes first) to ensure that the processes developed as part of the corrective action plan have been put into practice.

Annex D – Registration classes/groups exempted from sampling requirements

 

Registration Class/Group

accommodation/tenancy assistance

assistive products for personal care and safety

personal mobility equipment

assistance with travel/transport arrangements

vehicle modifications

home modifications

assistive equipment for recreation

vision equipment

community nursing care

innovative community participation

specialised hearing services

household tasks

interpreting and translating

hearing equipment

assistive products in household tasks

communication and information equipment

exercise physiology and personal training

management of funding for supports in participant’s plans

therapeutic supports

specialised driver training

assistance animals

hearing services

customised prosthetics

Endnotes

Endnote 1—About the endnotes

The endnotes provide information about this compilation and the compiled law.

The following endnotes are included in every compilation:

Endnote 1—About the endnotes

Endnote 2—Abbreviation key

Endnote 3—Legislation history

Endnote 4—Amendment history

Abbreviation key—Endnote 2

The abbreviation key sets out abbreviations that may be used in the endnotes.

Legislation history and amendment history—Endnotes 3 and 4

Amending laws are annotated in the legislation history and amendment history.

The legislation history in endnote 3 provides information about each law that has amended (or will amend) the compiled law. The information includes commencement details for amending laws and details of any application, saving or transitional provisions that are not included in this compilation.

The amendment history in endnote 4 provides information about amendments at the provision (generally section or equivalent) level. It also includes information about any provision of the compiled law that has been repealed in accordance with a provision of the law.

Editorial changes

The Legislation Act 2003 authorises First Parliamentary Counsel to make editorial and presentational changes to a compiled law in preparing a compilation of the law for registration. The changes must not change the effect of the law. Editorial changes take effect from the compilation registration date.

If the compilation includes editorial changes, the endnotes include a brief outline of the changes in general terms. Full details of any changes can be obtained from the Office of Parliamentary Counsel.

Misdescribed amendments

A misdescribed amendment is an amendment that does not accurately describe the amendment to be made. If, despite the misdescription, the amendment can be given effect as intended, the amendment is incorporated into the compiled law and the abbreviation “(md)” added to the details of the amendment included in the amendment history.

If a misdescribed amendment cannot be given effect as intended, the abbreviation “(md not incorp)” is added to the details of the amendment included in the amendment history.

Endnote 2—Abbreviation key

 

ad = added or inserted

o = order(s)

am = amended

Ord = Ordinance

amdt = amendment

orig = original

c = clause(s)

par = paragraph(s)/subparagraph(s)

C[x] = Compilation No. x

/subsubparagraph(s)

Ch = Chapter(s)

pres = present

def = definition(s)

prev = previous

Dict = Dictionary

(prev…) = previously

disallowed = disallowed by Parliament

Pt = Part(s)

Div = Division(s)

r = regulation(s)/rule(s)

ed = editorial change

reloc = relocated

exp = expires/expired or ceases/ceased to have

renum = renumbered

effect

rep = repealed

F = Federal Register of Legislation

rs = repealed and substituted

gaz = gazette

s = section(s)/subsection(s)

LA = Legislation Act 2003

Sch = Schedule(s)

LIA = Legislative Instruments Act 2003

Sdiv = Subdivision(s)

(md) = misdescribed amendment can be given

SLI = Select Legislative Instrument

effect

SR = Statutory Rules

(md not incorp) = misdescribed amendment

SubCh = SubChapter(s)

cannot be given effect

SubPt = Subpart(s)

mod = modified/modification

underlining = whole or part not

No. = Number(s)

commenced or to be commenced

 

Endnote 3—Legislation history

 

Name

Registration

Commencement

Application, saving and transitional provisions

National Disability Insurance Scheme (Approved Quality Auditors Scheme) Guidelines 2018

12 July 2018 (F2018N00114)

13 July 2018 (s 2)

 

National Disability Insurance Scheme (Approved Quality Auditors Scheme) Amendment Guidelines 2019

9 Apr 2019 (F2019N00038)

10 Apr 2019 (s 2)

National Disability Insurance Scheme (Approved Quality Auditors Scheme) Amendment Guidelines No. 2 2019

19 Dec 2019 (F2019N00111)

1 Jan 2020 (s 2)

National Disability Insurance Scheme Legislation Amendment (Quality Indicators) Guidelines 2021

29 Oct 2021 (F2021N00274)

Sch 1 (items 22–26): 15 Nov 2021 (s 2(1) item 1)

 

Endnote 4—Amendment history

 

Provision affected

How affected

Introduction...............

am F2019N00111

Part 1

 

s 2.....................

rep LA s 48D

s 4.....................

am F2019N00038

 

ed C1

 

am F2019N00111 (Sch 1 item 8 md not incorp)

 

ed C2

s 5.....................

am F2019N00038; F2019N00111

Part 2

 

s 6.....................

am F2019N00038; F2019N00111

s 7.....................

rs F2019N00111

 

am F2021N00274

s 8.....................

am F2019N00038

s 9.....................

am F2019N00038

s 10....................

am F2019N00038; F2019N00111

 

ed C2

s 11....................

am F2019N00038; F2019N00111

 

ed C2

s 12....................

am F2019N00111

s 13....................

am F2019N00111

s 14....................

am F2019N00038

s 15....................

am F2019N00038; F2019N00111

s 16....................

am F2019N00038

s 17....................

am F2019N00038; F2019N00111

s 18....................

am F2019N00111

s 19....................

am F2021N00274

s 20....................

am F2019N00038

s 21....................

am F2019N00038

 

rs F2019N00111

 

ed C2

s 22....................

am F2019N00111

s 23....................

rs F2019N00111

s 27....................

am F2019N00038; F2019N00111

s 28....................

am F2019N00038

s 30....................

am F2019N00038

s 31....................

am F2019N00038

 

ed C1

s 32....................

am F2019N00038

 

ed C1

s 33....................

ed C1

s 34....................

am F2019N00038

s 35....................

am F2019N00038; F2021N00274

s 36....................

ad F2019N00111

 

ed C2

Annex B

 

c B.3....................

am F2019N00038

c B.4....................

am F2019N00038

 

ed C1

 

am F2019N00111

 

ed C2

c B.5....................

am F2019N00111

c B.6....................

am F2019N00038

 

ed C1

 

am F2019N00111

c B.7....................

am F2019N00038

 

ed C1

c B.8....................

am F2019N00038

 

ed C1

c B.9....................

am F2019N00038

 

ed C1

c B.10...................

am F2019N00038

c B.11...................

am F2019N00038

c B.12...................

am F2019N00111

Annex C

 

Annex C.................

am F2019N00111