Swell Policy Studio
Login

  • Mar 4

NDIS Audit Evidence: What Auditors Actually Expect to See

  • Carly Goodsell
  • 0 comments

Passing an NDIS audit isn’t just about policies — it’s about evidence. This guide explains what auditors actually want to see and how to prepare the right documentation.

One of the biggest misconceptions about NDIS audits is that they’re mainly about policies.

Providers spend weeks making sure every policy looks perfect — only to discover during the audit that the real focus is evidence.

Auditors want to see proof that your systems are actually working in practice.

That means showing:

  • real records

  • real reviews

  • real implementation

If you understand what counts as audit evidence, preparing for your audit becomes much easier.

In this guide, we’ll break down:

  • what NDIS auditors mean by “evidence”

  • the types of evidence providers must show

  • how auditors assess documentation

  • the most common evidence mistakes

  • how to organise your evidence before an audit

If you’re currently preparing for an audit, you may also find our NDIS Audit Preparation Guide helpful, which explains how providers organise documents and evidence before audit day.

What “Evidence” Means in an NDIS Audit

In simple terms, evidence is proof that your policies are actually being used.

For example:

A policy might say:

“All incidents are recorded and reviewed.”

Evidence shows:

  • the incident form

  • the incident register

  • investigation notes

  • corrective actions

Auditors want to see the full trail.

A useful way to think about this is:

Policy → Process → Evidence

Without the evidence, the policy alone doesn’t prove compliance.

During audits, providers are often asked to explain how these systems work in practice. If you're unsure what auditors typically ask, see our guide to NDIS Audit Questions and Answers, which walks through the most common questions providers receive.

The Types of Evidence Auditors Look For

Auditors generally expect three main types of evidence.

1. Documentation Evidence

This includes the formal documents that describe how your organisation operates.

Examples include:

  • policies

  • procedures

  • practice guides

  • participant handbooks

  • staff handbooks

These documents explain what your organisation says it does.

But documentation alone is not enough.

2. Operational Evidence

Operational evidence shows how those documents are used in practice.

This often includes:

  • registers

  • forms

  • logs

  • reports

  • meeting minutes

For example:

  • Incident Register

  • Complaints Register

  • Risk Register

  • Training Register

  • Continuous Improvement Register

These records demonstrate that your systems are active and maintained.

3. Implementation Evidence

Implementation evidence shows that staff actually follow the systems.

This might include:

  • supervision records

  • staff training notes

  • participant case notes

  • completed risk assessments

  • internal audit records

Auditors often check this evidence to confirm that documentation and practice align.

If you're preparing staff for audit interviews, reviewing 50 Common NDIS Audit Questions beforehand can help teams answer confidently and consistently.

Evidence Areas Auditors Almost Always Check

Most NDIS audits examine evidence in several key areas.

Incident Management

Auditors typically want to see:

  • Incident Policy

  • Incident forms

  • Incident Register

  • investigation notes

  • corrective actions

They will often ask:
“Can you show me an example of how an incident was recorded and reviewed?”

Many providers find it helpful to review a full NDIS Audit Checklist before their audit to ensure these areas are fully documented and ready.

Complaints and Feedback

Evidence may include:

  • Complaints Register

  • feedback forms

  • complaint investigation records

  • outcome documentation

Auditors want to see that complaints are recorded, addressed and resolved.

Risk Management

Risk evidence usually includes:

  • Risk Register

  • risk reviews

  • updated risk controls

Auditors may ask:
“How do you identify and review risks in your organisation?”

Staff Training and Supervision

Evidence here might include:

  • staff induction records

  • training logs

  • supervision notes

  • performance reviews

This helps auditors confirm staff are properly supported and trained.

Service Delivery Records

Auditors may review:

  • service agreements

  • consent forms

  • participant case notes

  • risk assessments

  • progress notes

These records demonstrate that services are delivered safely and respectfully.

How Auditors Review Evidence

Auditors typically follow a pattern:

1️⃣ Review the policy
2️⃣ Ask how the system works
3️⃣ Request evidence

For example:

They might say:

“Your policy says incidents are reviewed monthly.
Can you show me where that review happens?”

If the evidence exists, the process is clear.

If it doesn’t, the auditor may raise a concern.

Common Evidence Mistakes

Some of the most common issues providers face during audits include:

• registers that have never been updated
• incident records without follow-up actions
• risk registers that haven’t been reviewed
• empty training logs
• policies that don’t match practice

These issues usually occur when documentation is created purely for compliance rather than used day-to-day.

How to Organise Evidence Before an Audit

A simple way to prepare is to organise evidence under the same structure as the NDIS Practice Standards.

For each area, have:

  • the relevant policy

  • the related procedure

  • examples of completed records

For example:

Incident Management folder:

  • Incident Policy

  • Incident Form

  • Incident Register

  • investigation example

This makes it easy to respond quickly when auditors request documentation.

Preparing all of this documentation manually can take hundreds of hours. Many providers choose to start with structured templates and registers designed specifically for NDIS audits.

Why Internal Audits Are So Important

Internal audits help providers identify gaps before the external audit.

They allow you to check:

  • whether registers are updated

  • whether staff follow procedures

  • whether evidence is being recorded

If you want to learn more about this process, our guide on NDIS Internal Audits explains how providers stay compliant between audits.

How Swell Policy Studio Helps Providers Prepare Evidence

Many providers struggle not because they lack policies, but because they lack structured evidence tools.

Swell Policy Studio packs include:

  • NDIS-aligned policies

  • evidence registers

  • operational templates

  • audit-ready documentation

This helps ensure that when auditors ask for evidence, providers already have the systems in place.

Explore the Right Documentation for Your Service

If you want audit-ready documentation without spending months writing policies from scratch, Swell Policy Studio provides NDIS-aligned policy and procedure packs tailored to provider type.

Available packs include:

Core Module Packs (General, Behaviour Support, Support Coordination)
Module 2 Pack for behaviour support providers and Module 2A Pack for Implementing providers
Module 4 Pack for Specialist Support Coordination

You can explore all packs here:

🛒 View the NDIS Policy Packs

Final Thoughts

The biggest shift providers need to make is understanding that audits are about proof, not paperwork.

If you can demonstrate:

  • clear documentation

  • consistent processes

  • real evidence of implementation

then your audit becomes much easier to navigate.

The goal is not to impress auditors with documents.

The goal is to show that your systems actually work.

0 comments

Sign upor login to leave a comment