This guide steps you through the process to register your service-for-one with the NDIS Quality and Safeguards Commission (the NDIS Commission). If you are not sure if you need to register, please read What is NDIS registration and do you need to register?
There are steps you have to go through during the NDIS registration process. This can happen over several months. This guide lists the steps in the registration process and includes tips to help you to work through each one.
Before you start
All registered providers need to have an Australian Business number (ABN). Before you start the registration process, you may need to apply for an ABN through the Australian Tax Office.
When you apply for an ABN, you need to decide what sort of business structure you want. The Australian Government’s Business Registration Service has a tool to help you work out the best structure for your set up.
Types of business structures include:
- incorporated not for profit
- sole trader
- partnership
- company
- trust.
You may need to get legal advice and talk to family and other supporters about the best option for you.
Getting prepared
It is important to be well-prepared before starting the online NDIS application. This includes:
- getting your policies and procedures ready
- getting to know the NDIS Practice Standards
- knowing your registration groups and identifying key personnel
- getting ready for your online application and self-assessment.
Steps in the NDIS registration process
1. Decide if you need to register.
2. Learn about registration.
3. Prepare your policies and procedures.
4. Do an online application and self-assessment.
5. Have an independent two-stage audit.
6. Have a decision from the NDIS Commission on your registration.
7. Complete an 18-month and three-yearly audit.
Step 1. Decide if you need to register
You can find out more about this step in our What is NDIS registration and do you need to register? guide.
Step 2. Learn about registration
You can find out more about this step in our What do you have to do as a registered provider? guide.
Step 3. Prepare your policies and procedures
You will need to show how your service-for-one applies policies and procedures based on the NDIS Practice Standards. This means you may need to develop new policies and procedures or review your existing ones.
You will need to include information about your policies and procedures when filling out the online self-assessment, which is part of the application. Don’t worry if you don’t have some policies and procedures developed already. If you have them, that’s great. If not, you can work with your auditor to see where the gaps are and develop new ones where required.
These policies and procedures are part of your evidence to show how you comply with the NDIS Practice Standards.
Your policies and procedures need to reflect the NDIS Practice Standards, as well as a range of rules covering:
- behaviour support
- managing complaints
- managing incidents
- worker screening.
You can find a list of the rules on the NDIS Commission website.
You can find more information about what your policies and procedures need to include in How to show that you meet the standards.
Registration groups
The term registration group refers to the type of supports being provided. There are currently 36 different registration groups.
During the NDIS application you will be asked which registration groups you want to register for.
Get to know the registration groups before starting your application. You can find a list of registration groups in Appendix A of this guide or look at the NDIA price guide for a detailed breakdown of the supports and services you may be providing.
You can find more information about registration groups in the Registration Requirements by Supports and Services document on the NDIS Commission website.
The NDIS Practice Standard modules you will be audited against depend on the registration groups you choose.
If you are using regulated restrictive practices as part of your service, you will need to meet:
- the Core Module (Divisions 1 to 4)
- Module 2A (Implementing behaviour support plans).
In How to show you meet the standards, you can find out what is involved in meeting the requirements in these modules. It can help you see what you are already doing to meet them.
You may also be audited against other modules depending on the support you provide.
Key personnel
Prepare the details for all key personnel in your service-for-one. The NDIS Commission closely checks to make sure key personnel are listed in the NDIS portal when deciding about an NDIS registration.
Key personnel are the people who have key executive, management or operational positions in your service-for-one. These positions include managers, a chief executive officer, company directors, board members or a chairperson (if you have them).
Key personnel do not include support workers unless the support worker is also a chairperson, director etc. You can read more about key personnel in What do you have to do as an NDIS registered provider?
Step 4. Do an online application and self-assessment
You can complete an online application through the NDIS Commission’s website.
The NDIS Commission has practical resources to guide you through the online application process, including:
- the Registration Process Guide
- Appendix B of this guide, the NDIS Registration Application Checklist.
To register, you will need to organise access to the NDIS Commission Portal and have an Australian Business Number (ABN). This Quick Reference Guide can help you to do that.
Once you have started your application, you can save and edit it as many times you need to. However, you need to complete it within 60 days, or the application will lapse.
During the online registration application, you will need to:
- Provide information about your service-for-one’s:
- contact details
- corporate structure
- key personnel
- service profile and service coverage areas
- the registration groups (refer Appendix A for more information).
2. Answer some specific questions about the supports and services you deliver. For example, they may ask, is medication administered to the person? Do you support a person subject to regulated restrictive practices?
3. Your answers will determine which modules, or parts of the modules of the NDIS Practice Standards, apply to your service-for-one. The minimum modules that will apply are:
- the Core Module (Divisions 1 to 4)
- Module 2A (Implementing Behaviour Support Plans).
Tips:
- Make sure your service-for-one includes details of all key personnel in the online application. The NDIS Commission looks at this closely.
- Include all registration groups that your service-for-one delivers, or may need to deliver in the future. Once the application is submitted, you cannot make changes. You can find information about registration groups in the NDIS Commission’s Registration requirements document.
- It is OK to list one person when asked how many people you support.
- List the total number of workers (which includes employees, volunteers and contractors) – not just the full-time equivalent.
- ‘Outlet’ is defined as premises where a person’s supports and services are delivered and managed daily. This could be in the home of the person. You can choose not to display the address of your ‘outlet’ on the provider register.
4. Do a self-assessment about how you meet the relevant parts of the NDIS Practice Standards.
This includes writing a few sentences or dot points explaining what your service-for-one does to meet each Practice Standard. Each response can be up to 300 words.
Information about the Practice Standards that apply to most services-for-one, along with tips about the types of evidence you can use, can be found in Meeting the NDIS practice standards and the evidence table guides. You can use this information, so you know what to include in your responses.
You can also find the full list of Practice Standards, including any updates on the NDIS Commission’s website.
You will also need to upload the documents you are including as evidence. Your self-assessment responses will be part of the desktop audit your auditor will do.
Tips:
- Review or develop policies and procedures before you start the online self-assessment and have the final versions ready to upload.
- You can use our Meeting the NDIS practice standards and evidence table guides to help you to work out what evidence you already have and what you need to think about.
- Get your self-assessment ready offline first and upload the final version when you are happy with the content.
- You do not need to provide long responses in the self-assessment – clear and succinct
is best. - Dot points of evidence are fine, with examples of how you use those policies and procedures.
- Do not forget to provide evidence and information in your self-assessment about the relevant rules, such as complaints management and resolution.
- You can upload up to seven documents. However, they cannot be any bigger than 2MG each. Double check your draft self-assessment and policies and procedures. Once you click the ‘Submit’ button, you cannot make any more changes.
- Do not worry though, you can give your auditor extra documents if you need to and fix any mistakes once you have started working with them.
- The auditor will review your self-assessment early in the audit process. If you clearly show evidence of how you comply with each Practice Standard, this can help the audit go more smoothly.
Step 5: Have an independent two-stage audit
Background
When you register, you will need to go through a certification audit. Audits by approved auditors are a legal requirement of registering with the NDIS Commission. These audits will assess your service-for-one against the parts of the NDIS Practice Standards relevant to the supports you provide.
You will need to use an Approved Quality Auditor from the NDIS Commission’s list of independent Approved Quality Auditors.
Approved Quality Auditors are organisations that audit NDIS providers. They are approved by:
- the NDIS Commission
- the Joint Accreditation System of Australia and New Zealand (JAS-ANZ).
They are independent from government.
What is a certification audit?
A certification audit is a detailed audit that looks at your:
- self-assessment
- policies and procedures
- records.
It also includes:
- a site visit to the place where the person has their services – this could be in your home or the person with disability’s home
- interviews with the person and some of the workers.
There are two stages of certification audits – Stage 1 and Stage 2.
Stage 1 audit: This is sometimes called a desktop audit or a document review. It usually happens off-site in the auditor’s office. It includes a review of your documents and information to make sure you have the right systems and processes to promote quality and safety in your service.
Stage 2 audit: This is usually done on-site in the place you deliver your services, which might be in your home or the person’s own home. It checks how well your service-for-one is putting policies and procedures into practice to meet the relevant modules of the NDIS Practice Standards.
The certification audit checks whether you are doing what you say you will in your policies and procedures.
There are guidelines that auditors follow about when they do not have to go on site for an audit, such as during COVID-19 restrictions.
How often do certification audits happen?
If you are successful in registering, certification is a three-yearly cycle. It includes:
- An initial certification audit (including Stage 1 and 2 explained above)
- an 18-month mid-term review (that checks how you are going)
- a recertification audit, which starts the next cycle three years from your registration (including Stage 1 and 2).
What are the steps in the audit process?
Initial scope of audit document
When you submit your application, the NDIS Commission sends you
an ‘initial scope of audit’. This document has a summary of the audit requirements for your service-for-one.
Get quotes
Ask for quotes from some Approved Quality Auditors using the ‘initial scope of audit’ document. Then choose an organisation to do your audit.
Stage 1 audit
This is a desktop audit to review your documents. Your auditor will check your scope of audit document and set a date to do your Stage 1 audit.
Stage 2 audit
This is an on-site audit. Once the auditor has finished the Stage 1 audit, you need to organise and prepare for your Stage 2 audit. The auditor will usually do the Stage 2 audit within three months of finishing Stage 1.
3.1 Initial scope of audit document
After you submit your online application, the NDIS Commission will send you an initial scope of audit document. This document:
- gives you a brief overview of your service-for-one’s registration groups
- explains your audit pathway
- lists the requirements that your service-for-one will be audited against.
This document has key information that the auditors will need to give you a quote.
3.2 Get quotes
You can then ask Approved Quality Auditors for quotes. When choosing an Approved Quality Auditor, it is a good idea to get a few quotes. It is important to find the right fit for your service-for-one. The information below can help you in this process.
How do you select an Approved Quality Auditor?
Only auditing organisations that the NDIS Commission has approved can assess whether a provider meets the NDIS Practice Standards. These organisations are called Approved Quality Auditors.
You can find a list of Approved Quality Auditors on the NDIS Commission website.
If you can, it may be a good idea to talk to someone with a similar service-for-one who has been audited. They can then tell you about their experience of the auditor they chose and the audit process.
Questions to ask potential auditors to help you decide who to choose:
- What experience do they have in auditing services-for-one or other small providers? In particular, what strategies have they used to engage with people with disability, including people with complex support needs such as psychosocial disability?
- Can they give you any references from similar services they have audited?
- Do they have any questions or issues from the initial scope of audit document?
- How would they choose the auditors for your service-for-one?
- How soon can they get started on the audit?
- How will they plan your audit? Will they ask for input from you?
- What will the cost of the audit or audit cycle be?
- When would they consider doing your audit remotely?
- Will it be cheaper if you and other services-for-one providers have your audits around the same time?
How much does registration cost?
Submitting a registration application is free. However, you will need to pay for the certification audit against the NDIS Practice Standards. There may also be costs to develop and maintain a system of procedures and policies to meet the relevant Practice Standards.
What needs to be done for the audit and its cost, will depend on the size, scale and the complexity of the services you provide. Auditing organisations have different rates and have their own processes for quoting. It is important to check quotes carefully to get the best fit and price for your service-for-one.
After you have chosen an Approved Quality Auditor, you need to add that ‘Auditor Relationship’ to the NDIS Commission’s portal.
The auditor will then check that the scope of your audit is correct and start the audit process. The first part of the audit will be Stage 1.
If anything is not clear or correct in your ‘initial scope of audit’ document, for example, if the registration groups included are not correct, the auditor can access your records in the NDIS Commission’s portal and make changes.
3.3 Stage 1 audit
A Stage 1 audit is sometimes called a desktop audit or a document review. It usually happens off-site in the auditor’s office. It includes a review of your self-assessment responses and your policies and procedures. The auditor may ask you for any documents that you have not already uploaded.
Tips:
- Make sure you give the auditors all of your policies and procedures that relate to the Practice Standards. The audit team will need to work out if your service is ready for the Stage 2 audit.
- Be clear about how you are using these policies and procedures – the auditors will look at this closely in Stage 2. Do you have forms, registers, minutes, files, plans implemented and in place? What type of quality ‘system’ or ‘framework’ do you have?
- Stage 2 audit should happen within three months of finishing Stage 1. However, it can be sooner than this. This means that getting your policies and procedures ready upfront and preparing a self-assessment with plenty of evidence, may help you get your certification and registration earlier. The audit team will be looking for evidence of how you are using your policies and procedures in Stage 2. So, make sure your policies and procedures are not generic but are designed for how your unique service operates.
3.4 Stage 2 audit
It is important to note for Stage 2 audits that implementation, or how you are using your procedures, is the key. It is not enough to just have policies and procedures. You need to show how you use them in your day-to-day practices, record keeping and processes. The auditors will be looking for evidence of the policies and procedures during Stage 2.
Auditors usually do Stage 2 audits on-site. The interviews they do for Stage 2 should always be done with the privacy and confidentiality of the person in mind. The auditor team you had for Stage 1 will usually plan the Stage 2 audit with you. They will also give you an audit plan. The audit plan includes time set aside to review records (including registers and the person’s records), as well as time for interviewing the person, staff and other key stakeholders (e.g. behaviour support provider).
Consent
The person receiving NDIS-funded supports is automatically included in the audit process unless they choose to ‘opt out’.
If the person agrees to be part of the audit, you will need to get consent from them or their substitute decision-maker. You can show their consent through a signed document, video or audio recording. Consent can be for the person working directly with the audit team or access to files, or both.
If a person is unable to provide consent or does not want to take part in the audit process, you will need to document that decision and let the audit team know.
The audit team will need to be able to look at evidence, such as the person’s file or information about them to check that the service-for-one meets the standard.
Note: It is mandatory that records of workers are sampled and reviewed during the audit. You do not need consent from workers.
How long will the Stage 2 audit go for?
This will be different for each service-for-one. It depends on a range of things including how many workers you have, what type of support is provided and how complex the supports are.
However, generally the audit will go for at least four hours. A two-person auditor team completes most audits. Auditors may also be able to apply for an exemption so that one person can complete the audit. Each Approved Quality Auditor organisation has their own process to work out how long an audit will be. This is why it is important to get quotes.
The audit team will develop an audit plan and schedule:
- interviews with stakeholders
- time to view records
- a meeting with you at the start and end of the audit called opening and closing meetings.
At the opening meeting, the auditors will ask if you agree to the schedule for the audit, explain privacy issues and introduce the audit team. At the closing meeting, they will give you a summary of their key findings. This will include any areas that are preventing you from becoming registered. These are known as nonconformities.
Tips:
- Review or develop policies and procedures before you start the online self-assessment and have the final versions ready to upload.
- You can use our Meeting the NDIS practice standards guide and evidence table guides to help you to work out what evidence you already have and what you need to think about.
- Get your self-assessment ready offline first and upload the final version when you are happy with the content.
- You do not need to provide long responses in the self-assessment – clear and succinct
is best. - Dot points of evidence are fine, with examples of how you use those policies and procedures.
- Do not forget to provide evidence and information in your self-assessment about the relevant rules, such as complaints management and resolution.
- You can upload up to seven documents. However, they cannot be any bigger than 2MG each. Double check your draft self-assessment and policies and procedures. Once you click the ‘Submit’ button, you cannot make any more changes.
- Do not worry though, you can give your auditor extra documents if you need to and fix any mistakes once you have started working with them.
- The auditor will review your self-assessment early in the audit process. If you clearly show evidence of how you comply with each Practice Standard, this can help the audit go more smoothly.
What to expect during a Stage 2 audit?
The audit team will collect a range of evidence about how you are complying with the Practice Standards. This includes:
- information directly from the person about the Practice Standards, such as how their rights are respected and how well the staff do their jobs
- information from family, friends, carers, nominees and independent advocates (with consent from the person with disability)
- support plans and evidence of how you are providing services in line with the plans
- records and interviews with stakeholders
- all of the supports you are delivering for the person.
The audit team needs to find three examples of evidence from different sources to show that you are meeting each Practice Standard. This is called ‘triangulated’ evidence. The evidence can be from a variety of reliable sources. This means that it is not enough just to get evidence from one source. Evidence is often found through the three Ps:
- People: conversations, interviews and observation during the audit
- Process: clear policies and procedures that show how you meet each practice standard
- Paper: written down records and plans.
The audit team may ask the person with disability the following questions. They should use
the type of communication they are most likely to understand and feel comfortable with.
- How often do you talk about your support needs and goals?
- How does your service-for-one consider your needs and preferences?
- What do you do if you want to make a complaint?
- How can you give feedback or make suggestions about how your service-for-one can improve?
- Do you feel that you are treated with respect?
- Do you feel that the staff are well trained and competent?
The audit team may ask workers the following questions:
- How long have you worked for this service-for-one?
- What is the process if the person wants to make a complaint?
- What is the process if there is an incident? (An incident includes something
that did or could have harmed the person.) - What training have you had?
- Do you have a position description?
- Do you have performance reviews?
- Did you have an induction? Can you describe it?
- Have you finished the Mandatory Worker Orientation Program?
- Do you have regular supervision?
They may ask the families running the service the following questions:
- How does the person have their say about what goes into processes like how their
rights are upheld and how supports are delivered? - How to you manage the quality and safety of supports?
- How do you make sure you stay up to date on the legal requirements of running
a service-for-one? - How do you manage supervising, training and the professional development of workers?
- How do you manage conflict of interest?
- How do you manage continuity of supports?
Try not to be too nervous about the audit process. Being well prepared will make the process so much easier. If the audit team does come across any nonconformities they will let you know during the audit – there shouldn’t be any surprises at the closing meeting.
Nonconformities are ways in which you are not meeting the audit standards.
Major nonconformities are a barrier to certification (and registration). Certification can still be recommended for minor nonconformities, as long as there is a corrective action plan put in place within seven days.
If there are any major nonconformities, you will be advised to prepare a ‘corrective action plan’, and the Approved Quality Auditor will do a follow-up desktop review within three calendar months.
The audit team should give you:
- a written copy of the audit findings at the closing meeting
- a copy of the full audit report for you to comment on before they submit it to the NDIS Commission. They need to submit it within 28 days after the last day of the on-site audit.
To find out how your registration renewal or application is going after the audit, email the NDIS Registration team at: [email protected].
Step 6: Have a decision from the NDIS Commission on your registration
The NDIS Commission will look at the outcomes of the audit which the Approved Quality Auditor provide to them.
The NDIS Commission will do a suitability assessment looks at if your service-for-one or its key personnel.
They will contact you if they need more information. The NDIS Commission has contacted some providers using behaviour support plans for more information.
The NDIS Commission then makes the final decision on your registration, taking into account:
- the auditor’s recommendations in the audit report
- the suitability assessment of your key personnel.
The NDIS Commission will then let you know if your registration has been successful or not.
Successful application
After a successful application, you will receive a certificate of registration that will list:
- the types of supports or services (registration groups) you are now registered to provide
- when your registration will end and need to be updated
- any things you need to do to keep your registration.
Provider register
The details of your registration will be published on the NDIS Commission’s Provider Register.
Unsuccessful application
If your application is unsuccessful, the NDIS Commission will give you the reasons for this decision. You can ask for a review within three months of the decision. If your application is still unsuccessful after this review, you can ask for the Administrative Appeals Tribunal to review your application.
Step 7: Complete an 18-month and three-yearly audit
After the NDIS Commission has approved your application, you need to continue to meet all the conditions of registration. This includes the NDIS Practice Standards and NDIS Code of Conduct.
Monitoring
The NDIS Commission will monitor services-for-one to make sure they are complying with the conditions of registration. The NDIS Commission can suspend, change or cancel your registration, if you are not meeting the conditions. The timing of your quality audits will be included on your Certificate of Registration.
You will need to have an 18-month mid-term review, and a three-yearly recertification.
Mid-term review
The 18-month mid-term review includes an audit, generally on-site. It is similar to the initial certification audit, though will not go for as long and will focus mostly on Division 2 of the core module (Governance and Operational Management). There will probably be some focus on Module 2a (Implementing Behaviour Support Plans) as well.
Three-yearly recertification
The three-yearly recertification audit is basically the same as the initial certification audit. Meaning it includes a Stage 1 (desktop audit) and a Stage 2 (on-site audit). The audit team will be looking for things you are doing to keep improving your services since the initial audit.
Your three-yearly certification cycle starts from the date the NDIS Commission makes its decision on your registration. So, your mid-term audit will be due 18 months after that date.
What’s next?
If you are ready to start your online application or to start working with an auditor, you can use our Meeting the NDIS practice standards guide to see what evidence you already have and what evidence you still need to prepare for an audit and meet the NDIS Practice Standards.
You can also contact the NDIS Commission:
Registration: If you have any specific questions about NDIS registration contact the NDIS Commission on 1800 035 544, or via email [email protected].
Behaviour Support: Contact the NDIS Quality and Safeguards Commission
Website: www.ndiscommission.gov.au/providers/behaviour-support
Phone: 1800 035 544 (Monday to Friday) Email: [email protected]
Appendix A: NDIS registration groups
Appendix B: Registration application checklist
Information type | High-level detail |
---|---|
Contact details | The primary contact person and contact details for your service-for-one. The registered business contact details. The applicant’s postal address. Whether services are delivered from the contact address provided. |
Business registration details | Your Australian business number (ABN), Australian Company Number (ACN) or Australian Registered Body Number (ARBN). The business type. The entity’s ABN, ACN and ARBN (if applicable). The email address that you want to receive information about payments to once you are registered. |
Organisation structure and governance | Details of all key personnel, including contact numbers, email addresses and dates of birth. If any key personnel are shareholders, you will also need to include the percentage share. |
Suitability | Information about the suitability of the applicant and its key personnel, including: If the applicant has ever been in receivership, subject to a winding up order or under administration. If any of the applicant’s key personnel have ever been convicted of a criminal offence. If the applicant, or any of the applicant’s key personnel have ever been insolvent under administration (or equivalent in home jurisdiction). If the applicant, or any of the applicant’s key personnel have started bankruptcy proceedings. If any of the key personnel have been disqualified as a director of a company or disqualified from managing corporations. If the applicant or any of the applicant’s key personnel have been the subject of any investigation, adverse findings or enforcement by any regulator, including authorities responsible for the quality or regulation of services for people with disability. If any of the applicant’s key personnel, or the applicant overall, have been the subject of any findings or judgement in relation to fraud, misrepresentation or dishonesty. |
Registration groups | The registration groups which you deliver or are preparing to deliver services in. |
Service delivery questions | Questions about the delivery of services, including managing medications, disposing of waste and use of restrictive practices. These questions help work out your scope of practice. |
Self-assessment against the applicable | Based on your organisation profile, the registration groups you choose and your responses to the service delivery requirements |
NDIS Practice Standards | The online registration system will work out which NDIS Practice Standards are relevant to your application. You will be asked to show how you meet the requirements of the relevant modules. You will have a limit of 300 words (2,000 characters), to answer each outcome. Supporting documents are also needed. You can also upload up to seven attachments, each no larger than 2MB. Note – You can give extra documents to the approved quality auditor when you have one. The approved quality auditor can upload this information to your registration record. |
Service coverage areas | The state or local government area and the coverage area of the sites where you deliver or intend to deliver services. |
Outlets | The details of each outlet (the place where services are delivered), including information such as the address, opening hours and registration group of services delivered. |
Service profile | The number of people you deliver, or intend to deliver, services to. The number of workers (including employees, volunteers and contractors) delivering NDIS supports. The groups to which you deliver or intend to deliver services to: Acquired Brain Injury aged care autism dementia intellectual disability mental health physical disability including sensory disability spinal injury ventilator dependent. The age groups which you deliver, or intend to deliver to: 0 – 6 years 7 – 16 years 17 – 65 years over 65 years. |
Worker screening | Registered NDIS providers must make sure that workers in risk assessed roles have gone through a worker screening check and hold an appropriate clearance. Risk assessed roles are: key personnel roles roles where the normal duties include the direct delivery of supports or services to a person with disability roles where the normal duties are likely to have regular contact with people with disability. You can find information on the worker screening requirements and when they apply on the NDIS Commission website. |