Certification audits feel opaque from the outside. You know the NDIS Practice Standards apply, but not what the auditor will actually do with your documents, your systems and your people. Having seen hundreds of providers through the process, here is what approved quality auditors genuinely check, stage by stage.
Stage 1: the documentation review
Certification runs in two stages. Stage 1 is a structured review of your policy suite against every applicable outcome of the Practice Standards, the Core Module covering governance, provision of supports, the support environment and rights of participants, plus any supplementary modules your registration groups attract. The auditor is checking three things:
- Coverage: does a document exist for each required outcome? Gaps here are the fastest route to non-conformities.
- Alignment: do your documents match your actual scope of registration? A policy suite referencing supports you don't deliver (or missing ones you do) signals a generic template, and auditors probe hard from that point on.
- Internal consistency: does your incident policy reference the same roles as your delegations register? Do your forms match your procedures? Contradictions between documents are treated as evidence the system isn't real.
Stage 2: proving the system is lived, not laminated
Stage 2 is where certification differs from verification. The auditor comes looking for evidence that your documented system actually operates. Expect them to sample:
- Participant files: service agreements, consent records, support plans and risk assessments that follow your own documented process.
- Worker files: NDIS Worker Screening Checks, qualifications, induction records, training registers and supervision notes.
- Registers in use: incidents, complaints, feedback, conflicts of interest, continuous improvement. An empty complaints register at an established provider raises questions; a register showing issues logged, actioned and closed builds confidence.
- Governance evidence: meeting minutes, internal audit records, management review of the compliance system.
The interviews
Auditors interview key personnel and a sample of workers, and where possible speak with participants. They are not testing whether staff can recite policy. They're testing whether what staff describe matches what the documents say. "What would you do if a participant was injured during a shift?" should produce an answer that tracks your incident management procedure. The most damaging audit moment is a worker describing a process that contradicts the written one.
What auditors are really deciding
Behind every checklist item sits one question: can this provider deliver safe, quality supports, and will their system catch problems when things go wrong? Auditors classify findings as conformity, minor non-conformity or major non-conformity. Minors are normal and closed with corrective actions; majors, typically missing worker screening, absent incident management, or wholesale template documentation with no implementation, can stall your registration entirely.
How to prepare like it matters
- Map every applicable Practice Standards outcome to a named document and a piece of operational evidence. Our article on the policies certification providers need covers the document side.
- Run your registers for real before audit day, even with a small participant base.
- Brief your people on your actual procedures, not a script.
- Fix scope mismatches before the auditor finds them.
This is precisely why generic templates fail: they cover outcomes in the abstract but collapse at the alignment and consistency checks. Every Veyora document set, from CertCore and its registration group modules through to the complete packages, is tailored to your organisation, your groups and your delivery model, never off-the-shelf, and backed by an audit pass guarantee: pass your audit with our documentation or receive a full refund. Our clients' 100% first-time audit success record reflects exactly the checks described above.
Want to see how tailored documentation comes together before your audit? Start with how it works or call 1800 701 520.
General information only: confirm requirements with the NDIS Commission and your auditor.