Seven Commonly Asked Questions About NDIS Internal Audit

One of the key requirements of the National Disability Insurance Scheme (NDIS) for disability service providers is to conduct an internal audit. NDIS providers often ask questions about internal audits as they are not sure about their application to their scope or how it needs to be conducted. In this article, we focus on answering the most common questions asked by NDIS providers.

1. What is an NDIS internal audit?

An internal audit is also known as a first-party audit. As an NDIS provider, you need to conduct internal audits on a regular basis. Apart from it being a mandatory requirement, it gives you confidence that the organisational processes and procedures meet their intended outcomes. To sum up, the outcome of the internal audit indicates how effectively the organisation operates.

2. Do I have to conduct the NDIS internal audit?

Yes, if you are complying with NDIS Quality Indicator Guidelines 2018 Core Module as per key indicator of Division 2 – Governance and Operational Management of NDIS Quality Indicators Section 13(2).

3. How often should I conduct the internal audit?

The frequency of internal audits is not specified within the standards. However, it is recommended to have a three-year plan and ensure that the full scope of the organisation is audited over the cycle of every three years. Please note that the certification period is valid for three years. The Approved Quality Auditors will ask for records of the recent internal audit during their assessment.

4. Can I audit myself?

Yes you can audit yourself. There are no specific requirements within the NDIS Quality Indicators Guidelines about the impartiality of auditors. It is recommended that the auditors should be impartial in the processes they audit.

5. What are the roles and responsibilities?

Internal auditors can act differently depending on the scope of the audit and the availability of resources. Here are the most common roles for NDIS internal auditors:
     • Identify gaps in the organisation’s systems implementation
     • Look for significant deviations from the required procedures
     • Analyse business changes that can cause procedures to cause undesirable results
     • Check evidence to ensure the system is working as it should meet its objectives

6. How many internal auditors do I need in my organisation?

It is recommended to have two internal auditors. This will allow the auditors to cross-check each other's work simultaneously and they do not have to audit the processes they own.

7. Do I have to document the records of my internal audits?

Yes, documenting the audit program is part of the NDIS requirement. There are no requirements given about the audit records. However, it is a general expectation of the auditors to see evidence such as audit reports. The outcome(s) of the internal audit should be documented regardless.


LMS TRG has prepared step-by-step guidance to improve your service delivery quality and comply with the NDIS (National Disability Insurance Scheme) Quality Indicators Guidelines. We have combined it in our NDIS Internal Auditor Training, here, you will learn everything you need to know about performing internal audits. No prior experience in auditing is required.

Our courses are accessible 24/7 so you can complete the course at your own pace. Learn anywhere, anytime.

Who We Are

At core, LMS TRG is a compliance consulting and training organisation that builds and delivers powerful and practical products for people and businesses. Born and bred in Melbourne, Australia with an amazing team of expert auditors, consultants, and entrepreneurs.

Our area of expertise lies in providing training and guidance on compliance with the National Disability Insurance Scheme (NDIS) and the International Organisation for Standardisation (ISO). We also assist organisations in implementing effective management systems that are tailored to their specific needs and requirements. Our comprehensive approach to compliance training and management systems ensures our clients have the knowledge and tools necessary to meet regulatory requirements and industry standards. We are committed to helping our clients achieve success and maintain a culture of excellence in their operations.

We Care for each other, our members, and our society.

We Dare to discover and experiment, trying to be different and be fearless, and innovative.

We share our knowledge and experience, work together and continue to support our members.