Preparing for an NDIS audit can feel stressful — particularly if you’re unsure what questions the auditor will ask.

Many providers assume the audit is simply about having policies in place. But in reality, auditors are looking for something much deeper: evidence that your systems are actually working in practice.

They will ask questions about how your organisation operates, how risks are managed, how participants are protected, and how staff follow procedures.

The good news is that most audits follow very predictable themes.

This guide walks through 30 common NDIS audit questions, explains what auditors are really checking, and outlines the types of evidence providers should be able to show.

You can also use this page as a printable practice worksheet when preparing for an audit interview.

Many providers review these questions with their team before their audit so everyone understands how the organisation demonstrates compliance.

Why Auditors Ask Questions

During an audit, the auditor isn’t just reading your documentation.

They are checking three things:

1. Your policies exist
Your organisation has written procedures that align with the NDIS Practice Standards.

2. Staff understand the systems
Team members can explain how those policies work in practice.

3. Evidence shows the systems are used
Registers, forms, meeting notes and records demonstrate that your procedures are being implemented.

If these three layers are clear, audits typically go very smoothly.

If they aren’t, auditors may identify non-conformities even if your documentation looks good on paper.

If you're unsure which documents support each audit area, this guide may also help:

NDIS Internal Audits: How to Stay Compliant Between Audits (Checklist Included)

Governance and Risk Questions

1. How does your organisation manage risk?

Auditors want to see that risks are identified, assessed and regularly reviewed.

Evidence might include:

• Risk register
• Risk management procedure
• Meeting minutes reviewing risks

2. How do you ensure policies remain up to date?

Providers should demonstrate a structured policy review process.

Evidence may include:

• Document control register
• Version control records
• Scheduled policy review dates

3. Who is responsible for compliance in your organisation?

Auditors want to confirm that compliance responsibilities are clearly allocated.

Evidence may include:

• organisational chart
• governance structure
• position descriptions

Participant Rights Questions

4. How do participants learn about their rights?

Providers should show how they communicate participant rights and advocacy options.

Evidence may include:

• participant handbook
• rights fact sheet
• advocacy information

5. How do participants provide feedback or make complaints?

Auditors want to confirm that feedback systems are accessible and safe.

Evidence may include:

• feedback forms
• complaints procedure
• complaints register

You can also explore common complaint-related audit questions here:

50 Common NDIS Audit Questions (With Sample Answers Providers Can Use)

Service Delivery Questions

6. How do you involve participants in decision-making?

Auditors expect providers to demonstrate person-centred practice.

Evidence may include:

• case notes
• participant goals
• meeting notes

7. How do you ensure informed consent?

Consent should be clearly documented and regularly reviewed.

Evidence may include:

• consent forms
• service agreements
• participant records

8. How do you manage participant risk?

Auditors will check that providers identify and manage risks affecting participants.

Evidence may include:

• participant risk assessments
• risk mitigation plans
• review records

Incident Management Questions

9. What happens when an incident occurs?

Providers should clearly explain their incident response process.

Evidence may include:

• incident management procedure
• incident report forms
• incident register

10. How are incidents reviewed and improved?

Auditors want to see that incidents lead to learning and improvement.

Evidence may include:

• incident investigation reports
• corrective actions
• continuous improvement records

Staff and Workforce Questions

11. How do you recruit safe and qualified staff?

Providers must demonstrate safe recruitment practices.

Evidence may include:

• worker screening checks
• reference checks
• employment records

12. How do staff receive training?

Auditors often request evidence of staff training and competency.

Evidence may include:

• training register
• induction records
• professional development logs

13. How do you supervise staff?

Staff supervision is important for maintaining quality services.

Evidence may include:

• supervision logs
• performance reviews
• meeting records

Continuous Improvement Questions

14. How does your organisation improve its services?

Auditors want to see an active quality improvement process.

Evidence may include:

• continuous improvement register
• internal audit reports
• action plans

15. How do you review feedback from participants?

Feedback should lead to improvements in services.

Evidence may include:

• feedback summaries
• meeting minutes
• service improvements

Documentation Questions

16. How do you store participant information securely?

Auditors will check privacy and confidentiality protections.

Evidence may include:

• privacy policy
• secure storage procedures
• access controls

17. How do you ensure documentation is accurate?

Providers should demonstrate clear record-keeping practices.

Evidence may include:

• case note templates
• documentation procedures
• staff training

Behaviour Support and Restrictive Practice Questions (if applicable)

18. How do you minimise restrictive practices?

Auditors expect providers to prioritise reduction and elimination.

Evidence may include:

• behaviour support plans
• restrictive practice authorisations
• reduction strategies

19. How do you monitor restrictive practices?

Evidence may include:

• restrictive practice registers
• monitoring reports
• review notes

For providers implementing behaviour support plans, this guide explains the requirements in detail:

NDIS Module 2A Explained: How to Implement Behaviour Support Plans and Meet Restrictive Practice Requirements

Internal Audit and Compliance Questions

20. How does your organisation check compliance internally?

Auditors often ask about internal auditing processes.

Evidence may include:

• internal audit schedule
• audit reports
• corrective actions

You can read a full guide here:

NDIS Internal Audits: How to Stay Compliant Between Audits

Additional Common Audit Questions

Auditors may also ask questions such as:

21. How do you manage conflicts of interest?

22. How do you ensure participant safety?

23. How do you handle privacy breaches?

24. How do you review incidents and complaints together?

25. How do you communicate with families and support networks?

26. How do you ensure staff understand your policies?

27. How do you monitor service quality?

28. How do you manage documentation updates?

29. How do you ensure participants understand their supports?

30. How do you maintain continuous improvement?

How to Practise for Your Audit

A useful preparation exercise is to sit down with your team and review these questions.

For each one, ask yourselves:

• Can we clearly explain our process?
• Do staff understand how this works?
• Can we quickly show evidence if the auditor asks?

If the answer is yes, you are likely well prepared for your audit.

Why Good Documentation Makes Audits Easier

Many providers struggle with audits not because their services are poor — but because their documentation doesn’t clearly demonstrate what they are already doing.

Well-structured policies, procedures, registers and templates make it far easier to:

• demonstrate compliance
• organise evidence
• answer audit questions confidently

This is exactly why Swell Policy Studio documentation packs were created.

Each pack includes audit-ready policies, procedures and registers designed specifically to meet the NDIS Practice Standards.

Explore the Documentation Packs

If you want documentation designed specifically for NDIS audits, you can explore the full packs here:

View the packs

Core documentation packs are available for:

• General Disability Providers
• Behaviour Support Providers
• Support Coordination Providers

Additional modules are available for providers delivering:

• Behaviour Support Services
• Restrictive Practice Implementation
• Specialised Support Coordination

Each pack includes fully editable Word documents so providers can customise the documentation for their own organisation.

Final Thoughts

Preparing for an NDIS audit becomes much easier when you understand the types of questions auditors ask and the evidence they expect to see.

By reviewing these questions in advance and ensuring your systems are clearly documented, you can approach your audit with confidence rather than stress.

Audits shouldn’t feel like an exam — they should simply confirm that the systems you have in place are protecting participants and supporting quality services.