Providers requiring a verification quality audit usually deliver lower risk/lower complexity supports and services. Many providers requiring a verification audit are already subject to professional regulation as a requirement of doing business, e.g. through the Australian Health Practitioner Regulation Agency (AHPRA) and other professional bodies, or are not required to be a member of a professional body e.g. domestic or household services.

You can engage us to complete a desktop (no site visit required) review of the required documentary evidence outlined for each profession in the Verification Module.

You must show evidence of:

  • relevant qualifications
  • expertise and experience
  • hr management processes/policies
  • incident management processes/policies
  • complaints management processes/policies
  • risk management processes/policies.

Once you have submitted your application on the NDIS portal and received your scope of audit,  contact us using the button below.

Providers requiring a certification audit provide more complex or higher risk supports and services. In a certification audit, providers are assessed against the NDIS Practice Standards which may include assessment against the core module and any supplementary module relevant to the type of support they deliver.

Assessment includes core capabilities, such as:

  • risk management;
  • delivery of supports;
  • the delivery environment; and
  • governance and operational management

NDIS providers that deliver services and supports within the High Intensity Daily Personal Activities registration group (0104) will be assessed against the High Intensity Skills Descriptors.

Your certification audit will include document reviews, site visits and interviews with NDIS workers and participants.

Once you have submitted your application on the NDIS portal and received your scope of audit,  contact us using the button below.

In each 3 year audit cycle, registered NDIS Providers (with some limited exceptions) are required to undergo a further MidTerm or surveillance audit within 18 months of the date of registration.  The MidTerm audit covers:

  • governance and operational management
  • site visits to Head office and outlets providing highest risk services, file reviews and interviews with NDIS workers and participants

If you need to book a MidTerm cycle or want to discuss your audit cycle,  contact us using the button below.

If you have decided to expand your business and want to add more services for your NDIS Participants but you are not due for a scheduled audit, you can apply for an Out of Cycle Variation and this may require an extra audit.

If you were provisionally approved at your first audit, you may have a condition on your registration under s73 to have a follow up Out of Cycle audit for a number of reasons.

You may have received a letter from the NDIS Commission informing you to have an Out of Cycle audit

We can help you with all of these, contact us using the button below.

The Australian Community Industry Standard (ACIS) is the national quality management standard that specifically addresses the provision of attendant care services. Providers operating in accordance with ACIS can gain acia-endorsed certification through CAA. Achieving certification to ACIS is a rigorous undertaking that requires service providers to achieve demonstrable quality outcomes for service users.  The Scheme aligns current contemporaneous and evidenced based guidelines to its processes, embeds leadership, mental health, assistive technology, positive behavioural support, clinical governance, governance and person-centred care into one standard.

The ACIS Standard and application paperwork can be purchased from

Once you have submitted your application to ACIA,  contact us using the button below.

Surveillance audits are required at twelve-monthly intervals, as a minimum for the first ACIS audit cycle, with an option to request permission for an exceptional move to 18 monthly audits from ACIA.

Surveillance audits must always include governance and clinical governance plus 50% of all other standards, site visits, file reviews, and interviews with staff and clients.

If you need to book a surveillance audit or want to discuss your audit cycle,  contact us using the button below.

AS/NZS ISO 9001:2016 is the Australian adoption of the international standard for Quality Management Systems (QMS) which demonstrates the ability to consistently provide services or products which meet customer and regulatory requirements.

Formal assessment for ISO is a 2 stage audit with stage 1 consisting of your auditor reviewing your documents, policies and procedures to determine readiness for stage 2, and stage 2 being the assessment of implementation of the procedures reviewed to ensure they are working effectively.

The ISO 9001:2016 Standard can be purchased from the Standards Store

Once you feel prepared to book your ISO 9001 audit, contact us using the button below.

We are very aware and considerate of cost constraints and how stretched the industry can be, which is why we offer a number of flexible, tailored and affordable packages which aim to provide the most cost-effective options across Australia, especially with the return to onsite auditing and the travel required.

Our approach is to ensure quality outcomes and compliance can be achieved no matter where you are.  Our insight comes through years of experience and a genuine passion for making sure participants are protected, and for providers to meet quality outcomes to improve their services no matter the obstacles.

If you want to know more about the investment required for a CAA audit, please contact us using the button below.

Find out more about being an NDIS provider using the button below

How Do I Become an NDIS Provider?

  1.  Start a new application on the NDIS Application Portal
  2. Send your initial scope of audit to Community Audits Australia (an Approved Quality Auditor)
  3. Undergo an audit
  4. The NDIS Commission assess your application and makes a decision
  5. Receive your application outcome

When MUST I register to be an NDIS Provider?

Providers must register with the NDIS Commission to:

  • deliver services and supports to NDIS participants who have their plan managed by the NDIA
  • deliver specialist disability accommodation, use restrictive practices, or develop behaviour support plans
  • deliver services or supports to older people with disability who are receiving continuity of supports under the Commonwealth Continuity of Support Programme relating to Specialist Disability Services for Older People.

What registration groups should I select when applying for NDIS?

Support items are grouped into registration groups and those registration groups determine which NDIS Practice Standards apply to your organisation. Different supports have different levels of risk and application relevant to the registration groups you select. It is important to only select groups that are relevant to your business and clients. Furthermore, you should ensure that you are aware of what each registration group’s requirements are in order to know that you’ll be able to meet the ones you have selected.

What is a Quality Audit?

To apply for or renew registration with the NDIS Commission or ACIA, all providers undergo an audit against the relevant Standards. We will assess your organisation against the components of the Standards that are relevant to the services and supports you deliver. Auditors will also undertake their activities in a way that takes your organisation’s size, scope, and service delivery risk into consideration.

Your organisation will undergo either a ‘verification’ (NDIS only) or ‘certification’ (NDIS or ACIS) quality audit.

As part of the application for registration or renewal, it is the your responsibility to engage an approved quality auditor to assess your organisation’s compliance with the Standards.

How Much Does an Audit Cost?

The cost of your audit is dependent on:

  • the type and number of modules you are registering for
  • the number of staff you have
  • the number of participants or clients you have
  • the number of outlets you have

As a company owned by people who have come from within the industry, we keep our costs as low as we can.

Can CAA help me with my Policies or Preparing for the Audit?

As auditors, our role is to assess the quality of your policies and procedures and your service provision, so we are not able to consult during your preparation or audit process. We will provide feedback on areas needing improvement and our aim is to make the audit process a pleasant and educational experience.

How quickly can I get the audit done and how long will it take?

In many cases, you don’t need formal qualifications, however depending on the registration groups you choose, there are very specific requirements for each that you must address in full.

What happens for a Verification Audit?

Usually you will provide all the documents requested according to the NDIS Verification Documentation Requirements booklet and our auditor will review them without you being present.  At the end of the audit, the auditor will either provide a list of items which were missing or did not meet standard, or will advise you that everything was present and correct.  If you have more items or information to provide, we ask you to do so within 5-7 calendar days.

What is a Stage 1 and Stage 2 Audit in Certification, and how do I prepare for these?

Typically a stage 1 audit is undertaken by an auditor without you being present.  They go through a document review to check all the policies, documentation and requirements are met to enable the Stage 2 process to be undertaken.  By moving to the Stage 2 which may be remote or in person, it is where you demonstrate application and processes consistent with the documents provided in stage 1 and against the standards and registration groups that you have nominated.  If the auditor feels at stage 1 there are significant gaps, they may recommend delaying stage 2 or resubmission of the stage 1 self assessment and documents as significant work is involved based on the information they have received.

What happens after the Onsite (Stage 2) Audit?

At that time the auditor has a short period (usually 5 working days)to write up the report and combine it with the other auditor(s).  This is then submitted to an independent and senior auditor for peer review to validate that the information contained in the report supports the outcome recommended.  Once finalised we will send feedback to you for comment.  Once agreed we submit the findings and report to the Commission and / or scheme owner as well as providing the final report and certificate to you if we have not already done so.  This will not usually occur until the outstanding balance on the account is paid.

How long will the NDIS Commission take to process my application?

In assessing your registration application, the NDIS Commission will consider the outcomes of the audit and conduct a suitability assessment of your organisation and key personnel.

What is a suitability assessment?

The NDIS Commission assesses the suitability of NDIS providers and their key personnel to deliver NDIS supports and services.
This includes whether you or your key personnel have:
• previously been a registered NDIS provider
• had a banning order in place
• any past convictions
• been insolvent under administration
• had adverse findings or enforcement action taken by any relevant authorities
• been the subject of findings or judgement in relation to fraud, misrepresentation, or dishonesty
• been disqualified from managing corporations
They will contact you if they need more information. They will then make a decision and contact you to let you know if your application has been successful and the reasons why or why not.

Some applications take longer to process than others. The timeframe depends on various factors, including the size and scale of your organisation, as well as the complexity and range of the supports and services you deliver. Generally, the timeframe for completion of the registration will be no longer than 12 months; for many NDIS providers, it is a much shorter period.
If you have applied for renewal of registration prior to the date of expiry, your registration will automatically be extended until the Commissioner makes a decision on your application for renewal. Once you have engaged an auditor and you provide them with a reference number and your scope of audit document, the auditor has nine months from the expiry date on your certificate of registration to complete the audit and report back to the Commission.

 How long does my NDIS or ACIS Registration last?

Both schemes have a standard 3 year cycle for certification.

For NDIS, if you have had a verification audit, you will need to be audited at 3 years

For NDIS, if you have had a provisional audit, you will need to be audited within 3 months of commencing service provision and possibly again at midterm (18 months)

For NDIS, if you have had a full certification or recertification, you will need to be audited at 18 months or midterm

For ACIS, if you have had a full certification or recertification, you will need to be audited at 12 months or you an apply for special consideration to move to 18 month surveillance

How is an Auditor selected as suitable to be an auditor, and indeed my auditor?

All auditors have to undertake a formal auditing qualification, as well as training against the standard being certified.  Then they have to be assessed by the Auditing body (us)  to ensure they have the experience and qualifications for each element within the standard.  They need to maintain many compliance requirements including; insurances, training and audit logs, performance appraisals, peer auditing reviews and checks like working with children and police check.  An audit team will usually consist of a lead auditor and may include a support auditor and or trainee.  Where technical experts are required they may also be a part of the audit team. Sometimes JAS-ANZ or the scheme owners may attend the audit as part of our compliance requirements.  All auditors before accepting your audit must sign a declaration of no conflict of interest or bias, prior to the audit being allocated to them.

After registration or renewal do I only see the auditors for the midterm assessment?

Generally yes, but it is important to understand that a Provisional assessment may result in a short noticed review of all remaining audit elements at any time.  The Commission can trigger an unscheduled audit at any time, so it is important that you maintain your systems and processes continually.

How do I prepare for the Surveillance or Midterm Audits?

You should contact us to schedule the upcoming audit up to 6 months in advance to support your planning processes.  Usually, governance and any outstanding issues from previous audits are covered in these but that is dependent on the standard being assessed.

 Can I change audit companies for the midterm or renewal?

Yes you can, you simply need to authorise us as your new auditing company and we will need to undertake a few checks including accessing your previous audit report.  We may additionally request additional documents at this time to validate the report findings.

Have other questions? Contact us using the button below.

Boost your business tomorrow, invest in an audit with CAA today.