NDIS registration
NDIS policy templates: the policies a provider needs
Policies and procedures are part of becoming a registered NDIS provider, and they are one of the first things an auditor asks to see. But you do not need every possible policy, and a folder of generic templates will not get you registered on its own. The documents you need depend on the supports you deliver and your audit pathway, and whichever ones apply, they have to match how your business actually runs. This guide lists the full document set most small providers work from, shows which are core and which are service-specific, flags the ones that need qualified review, and explains what an auditor actually checks.
You do not need every possible policy
It is easy to assume registration means producing a giant binder of every policy you can find. It does not. What you are assessed on depends on three things:
- Your registration groups. The classes of support you apply to deliver shape which standards and documents apply to you.
- Your audit pathway. Whether those groups put you on the verification or certification pathway changes how much evidence you are assessed against.
- The services you actually deliver. A policy only applies if it reflects something you genuinely do.
A lower-risk provider on the verification pathway usually needs a smaller evidence set than a certification provider delivering higher-risk supports. But smaller does not mean none. Even a sole trader on verification still needs the core governance, privacy, incident, complaints and safety policies, and the records that show those policies are used. The aim is a document set that genuinely fits your work, not the longest list you can assemble.
Quick answer: the categories most providers need
Across almost every small provider, the document set falls into six groups. Most providers need the first five; the sixth only applies if you deliver specific higher-risk supports.
Governance & quality
8 documentsPolicies & procedures
15 documentsWorking with participants
13 documentsStaff & employment
10 documentsRegisters & forms
8 documentsSpecialised supports (only if you provide these)
3 documentsThe 57 documents, by category
Here is the full set, with what each one is, who usually needs it, and its risk level. Treat it as a reference to tick against your own services, not a list to complete blindly.
Show the full 57-document checklist
Each document is tagged with a type:
- FoundationThe core set almost every provider needs.
- Service-specificOnly needed if you deliver that kind of support (for example, transport).
- Staff & employmentOnly needed once you take on workers.
- Register & evidenceThe logs and records that show your policies are actually used.
- Higher-riskNeeds review by an appropriately qualified person before you rely on it.
| Document | Who usually needs it | Risk |
|---|---|---|
| Governance & quality · 8 | ||
NDIS Code of Conduct & Worker Code of ConductFoundation The 7 NDIS Code of Conduct obligations, adapted into your own worker code with a sign-off page. | Every provider | Standard |
Governance & Operational Management PolicyFoundation How your business is run, who is responsible, and how you stay compliant. | Every provider | Standard |
Continuous Improvement PolicyFoundation How you review and improve your services over time (a Practice Standards requirement). | Every provider | Standard |
Risk Management Policy & FrameworkFoundation How you identify, assess and manage risks to participants, staff and the business. | Every provider | Standard |
Emergency & Business Continuity PlanFoundation How supports keep running through emergencies, disasters and disruptions. | Every provider | Standard |
Quality Improvement Plan (annual)Foundation Annual planning template covering priorities, measures, owners and review schedule. Pairs with the Continuous Improvement Policy. | Every provider | Standard |
Stakeholder Feedback SurveyFoundation Feedback from the people and services you work alongside (support coordinators, other providers, allied health, families/carers). Continuous improvement expects feedback from a range of sources, not only participants. | Every provider | Standard |
Financial Management PolicyFoundation Financial governance, budgeting, viability and continuity, NDIS claiming integrity, fraud controls and insurance - the Governance “Financial Management” standard. | Every provider | Standard |
| Policies & procedures · 15 | ||
Privacy & Confidentiality PolicyFoundation How you collect, store, use and protect participant and staff information. | Every provider | Standard |
Incident Management Policy & ProcedureFoundation How you record, respond to and report incidents, including NDIS reportable incidents and their timeframes. | Every provider | Standard |
Complaints & Feedback Management PolicyFoundation How participants raise complaints and give feedback, and how you respond. | Every provider | Standard |
Work Health & Safety (WHS) PolicyFoundation Your duty of care and safe-work approach for staff and participants. | Every provider | Standard |
Infection Prevention & Control PolicyFoundation Hand hygiene, PPE and outbreak measures. A worker training requirement under the Standards. | Every provider | Standard |
Records & Information Management PolicyFoundation How you keep, secure and retain records. | Every provider | Standard |
Conflict of Interest PolicyFoundation Identifying and managing conflicts so participant choice isn’t compromised. | Every provider | Standard |
Worker Supervision PolicyFoundation How you supervises workers: frequency, what supervision covers, and how concerns are handled. | Every provider | Standard |
Transitions PolicyFoundation Planned and unplanned transitions in, out and between supports, including continuity of supports. | Every provider | Standard |
Communication & Information Accessibility PolicyFoundation Easy Read, interpreters, Auslan, AAC and other accessible-communication arrangements. | Every provider | Standard |
Transport & Vehicle PolicyService-specific Safe transport of participants: licences, vehicle registration and insurance, restraints, transfers, and what to do after a breakdown or accident. | If you transport participants | Standard |
Data Breach Response PlanFoundation The four steps (contain, assess, notify, review) under the Notifiable Data Breaches scheme - which applies to you because you handle health information. | Every provider | Standard |
Lone Worker Policy & ProcedureService-specific Check-in system, missed-check-in escalation and personal safety for workers supporting participants one-to-one in homes and the community. | If workers support participants alone | Standard |
Open Disclosure ProcedureFoundation How you communicate openly and honestly with a participant after something goes wrong. Pairs with the Incident Management Policy. | Every provider | Standard |
Social Media & Online Conduct PolicyFoundation Protecting participant privacy online, image consent, professional conduct and boundaries on social media. | Every provider | Standard |
| Working with participants · 13 | ||
Participant Rights, Dignity & Safeguarding PolicyFoundation Rights, choice, dignity of risk, and protection from abuse, neglect and exploitation. | Anyone supporting participants | Standard |
Service Access & Intake PolicyFoundation How you take on (and, where needed, decline or exit) participants fairly. | Anyone supporting participants | Standard |
Service Delivery & Support Planning PolicyFoundation Person-centred support planning, delivering supports day to day, and reviewing them - the gap between intake and an ongoing service. | Anyone supporting participants | Standard |
Participant Service Agreement (template)Foundation The agreement between you and each participant: supports, costs, cancellations, rights, ending the agreement. | Anyone supporting participants | Standard |
Participant Consent FormFoundation Consent to provide supports and to collect/share information. | Anyone supporting participants | Standard |
Participant Handbook / Welcome PackFoundation Plain-language pack the participant gets at intake: rights, complaints, emergency contacts and what to expect. | Anyone supporting participants | Standard |
Participant Feedback SurveyFoundation A short, plain-language survey you send participants (e.g. yearly) to ask how things are going. The evidence behind continuous improvement: ask, record what you hear, and show what you changed. | Anyone supporting participants | Standard |
Participant Money & Property PolicyService-specific Cash handling, cards, valuables, keys, gifts, and how to respond to suspected financial abuse. | If you handle participant money or property | Standard |
Participant Intake & Assessment FormFoundation Captures a new participant’s details, goals, health/communication needs and an initial risk screen before supports begin. | Anyone supporting participants | Standard |
Participant Risk AssessmentFoundation The per-participant risk assessment auditors expect on file - risks, ratings, controls and review, with dignity of risk respected. | Anyone supporting participants | Standard |
Participant Support Plan (template)Foundation Person-centred plan built with the participant: goals, the supports you’ll provide, how they like them delivered, risks and review. | Anyone supporting participants | Standard |
Progress Notes (template + guidance)Foundation The day-to-day support record, with guidance on writing factual, person-centred notes that an auditor would accept. | Anyone supporting participants | Standard |
Individual Emergency PlanFoundation Per-participant emergency plan developed with the participant: their needs in an emergency, what to do, and how critical supports continue. | Anyone supporting participants | Standard |
| Staff & employment · 10 | ||
Human Resources, Recruitment & Screening PolicyStaff & employment Recruiting, screening (incl. NDIS Worker Screening), training and supervising staff. | If you recruit or screen workers | Standard |
Training & Development PolicyStaff & employment Induction (incl. the NDIS Worker Orientation Module), role-specific and mandatory training, and keeping worker skills current. | Anyone with workers (and your own training) | Standard |
Casual Employment Agreement (template)Staff & employment A casual contract you can issue to support workers. | If you employ workers | Standard |
Part-Time Employment Agreement (template)Staff & employment A part-time contract template. | If you employ workers | Standard |
Full-Time Employment Agreement (template)Staff & employment A full-time contract template. | If you employ workers | Standard |
Position Description: Support WorkerStaff & employment A ready-to-use support worker role description. | If you employ workers | Standard |
Offer of Employment Letter (template)Staff & employment A conditional offer letter that precedes the Employment Agreement - makes the offer subject to NDIS Worker Screening, references and right to work. | If you employ workers | Standard |
Confidentiality & Privacy Agreement (worker-signed)Staff & employment A worker undertaking to keep participant and business information confidential, during and after employment. Backs the Privacy & Confidentiality Policy. | If you employ workers | Standard |
Employee Details & Onboarding FormStaff & employment Collects new-starter details, bank/super/TFN declaration prompts, emergency contact and qualifications. | If you employ workers | Standard |
Worker Induction (presentation)Staff & employment A ready-to-run induction session for new workers - branded cover page, what your organisation does, and every standard a new NDIS worker needs (Code of Conduct, safeguarding, incidents, privacy, WHS) with a sign-off page. Edit the highlighted parts for your organisation. | If you employ workers | Standard |
| Registers & forms · 8 | ||
Incident RegisterRegister & evidence The single log of all incidents (incl. reportable ones) with follow-up and status, so incidents can be tracked and trended - not just recorded one-by-one. | Every provider | Standard |
Incident Report FormRegister & evidence A form your staff fill in when an incident happens. | Every provider | Standard |
Complaints & Feedback RegisterRegister & evidence A log to track complaints and how they were resolved. | Every provider | Standard |
Risk RegisterRegister & evidence A log to record risks, ratings and controls. | Every provider | Standard |
Conflict of Interest RegisterRegister & evidence Logs declared conflicts, how each is managed, and disclosure to the participant - the evidence behind the Conflict of Interest Policy. | Every provider | Standard |
Restrictive Practices RegisterHigher-risk Logs each use of a regulated restrictive practice under an authorised behaviour support plan, for monthly Commission reporting. For providers who use restrictive practices. | If you use regulated restrictive practices | Higher-risk |
Staff Record & Compliance ChecklistRegister & evidence Tracks each worker’s screening, qualifications, orientation module and training. | If you employ workers | Standard |
Complaint Letter Templates (acknowledgement + outcome)Register & evidence Two ready-to-send letter templates pairing with the Complaints Policy. | Every provider | Standard |
| Specialised supports (only if you provide these) · 3 | ||
Medication Management PolicyHigher-risk Levels of medication support, the "five rights", recording every dose, storage and what to do when an error happens. | If you support medication | Higher-risk |
Mealtime Management PolicyHigher-risk Mealtime risk and dysphagia, mealtime plans, modified diets, choking response and enteral feeding (HIDPA). | If you support mealtimes or dysphagia | Higher-risk |
Restrictive Practices PolicyHigher-risk The 5 regulated restrictive practices, when use is permitted, monthly Commission reporting, and the 24h-vs-5BD timeframes for unauthorised use. | If you use regulated restrictive practices | Higher-risk |
Counts and titles are read live from the Bluetail pack, so this list stays current. The type, who-needs-it and risk columns are a general guide - your own registration groups and services decide what actually applies to you.
Core, service-specific, and the rest
Reading down the table, the Foundation documents are the ones almost every provider needs: how you are governed, how you protect information, how you handle incidents and complaints, how you keep people safe, and the participant-facing basics like a service agreement and consent. If you are a small or lower-risk provider, this is the bulk of what you need.
Service-specific documents only apply if you do that thing - a transport policy if you drive participants, a money and property policy if you handle their funds. Staff and employment documents only start to matter once you take on workers, so a solo provider can leave most of them until they hire. Registers and evidence are not optional extras - they are the logs that prove your policies are real. And the Higher-risk documents need qualified review, covered next.
Higher-risk documents that need qualified review
Most of these documents are general governance and operational policies you can confidently tailor yourself. A few are different. They cover supports where a mistake can seriously harm a participant, so a general template is a starting point only, and an appropriately qualified person should be involved.
- Medication management.If you support participants with medication, you may need participant-specific directions, worker training for the medications and routes you actually support, and review by an appropriately qualified person such as a registered nurse, pharmacist or the participant’s prescriber.
- Mealtime management and dysphagia. Supporting mealtimes where there is a swallowing or choking risk may require participant-specific mealtime plans and input from a health practitioner such as a speech pathologist or dietitian.
- Restrictive practices. The use of regulated restrictive practices is highly regulated. If you use them, you need to understand your obligations around registration, an authorised behaviour support plan, state or territory authorisation, activating the practice in the NDIS Commission portal, monthly reporting, and reportable incidents.
On that last point: unauthorised use of a regulated restrictive practice is itself a reportable incident. Where there is harm, urgent (24-hour) reporting timeframes may apply; where there is no immediate harm, the 5 business day process may apply. The exact obligations change with the situation, so confirm the current requirements with the NDIS Commission and get qualified advice for the states or territories you operate in.
Some higher-risk supports also need participant-specific clinical frameworks and supplementary-module evidence that no general document pack can safely standardise. If that is your situation, the documents are only one part of what you will need, and they do not replace clinical, legal or specialist audit advice.
What auditors actually check
An audit is not a document review. An approved quality auditor is checking whether your policies are real - whether you understand them, follow them, and can show evidence that you do. Depending on your pathway and supports, they may look at:
- Your policies and procedures, and whether they match how you actually work
- Completed registers - incidents, complaints, risk and conflicts of interest
- Staff files and worker screening evidence
- Induction and training records, including the NDIS Worker Orientation Module
- Service agreements and participant consent records
- Support plans and progress notes, where you deliver direct support
- Incident and complaint records, and how you responded to them
- Your risk register and continuous improvement records
The thread running through all of it is evidence of practice. An auditor is far more interested in a handful of policies you genuinely follow, with the records to prove it, than a thick binder of templates nobody has read. A policy saved in a folder and never used is the thing that fails an audit, not the fact that it began as a template.
Free NDIS templates you can preview
You do not have to take any of this on trust. Some of these documents are free to see right now, before you pay anything:
- A free service agreement template. Our NDIS service agreement template is free and needs no signup. Pre-fill your details, then download the Word file or copy the text. It is one of the 57 documents in the pack.
- A real policy, free to download. You can download a sample Conflict of Interest Policy (a Word file, no signup) to judge the quality and depth for yourself.
- Preview the whole set with your own branding. On the registration pack page you can preview every one of the 57 documents free, pre-filled with your business name and logo, and only pay the one-off $50 if you want to unlock and edit them.
Writing your own vs using templates
You can write every policy yourself. If you know the Practice Standards well and have the time, that is a valid path; the trade-off is the hours it takes and the gaps that are easy to miss. Templates exist to remove the blank-page problem and give you the structure and language the standards expect.
A template is a starting point, not a finished policy.
Before you rely on any template, you need to read it, understand it, tailor it to how your business actually operates, and then follow it in practice. A policy that describes a business you do not run is worse than no policy, because the gap between the document and reality is exactly what an auditor looks for. Copying a template unchanged will not get you registered, and it will not keep participants safe.
This is also where people weigh up a consultant. A consultant may help with scoping your registration, tailoring documents to your service, getting you audit-ready, and navigating complex or higher-risk supports. A template pack reduces the drafting burden, but you still need to review, adapt and follow the documents yourself. For many straightforward small-provider registrations, the templates plus the free guidance on this site are enough. For complex or higher-risk supports, paying for qualified advice on those specific areas can be money well spent. There is more in our guides on what registration costs and registering without a consultant.
Preview the whole set before you pay
You can preview every one of the 57 documents free on the registration pack page, pre-filled with your business name and logo. Unlock the editable Word files for a one-off $50 when you are ready. The documents help you prepare; they do not register you, and they do not replace qualified clinical, legal or audit advice for complex or higher-risk supports.
See the $50 packCommon questions
Can I use templates for NDIS registration?
Yes. Starting from a template is common and completely legitimate, and most providers do it. There is no rule that you must write every policy from a blank page, and no one set of templates is officially required. What matters is that you tailor each template to your business, understand it, and can show you follow it. A template you adapt and use is fine; a template you copy and never read is not.
Do templates guarantee registration?
No. Nothing can guarantee registration. Templates prepare your documents, which is one part of the process. You still need to lodge your application, hold the right insurances, complete worker screening, and pass an audit by an approved quality auditor who checks that you actually follow your policies. Be wary of anyone who promises guaranteed registration.
What policies does a sole trader NDIS provider need?
A sole trader still needs the core foundation: governance, privacy, incident management, complaints, work health and safety, records, conflict of interest, and the participant-facing documents like a service agreement and consent. The staff and employment documents only start to matter once you take on workers. The exact mix depends on the registration groups you apply for and the supports you deliver.
What is the difference between a policy, procedure, register and form?
A policy is your commitment or rule (what you do and why). A procedure is the step-by-step of how you do it. A register is an ongoing log that builds up as you operate (for example, every incident or complaint). A form is the document you fill in for a single event. Auditors look for all four working together, because the registers and forms are the evidence that the policies and procedures are real.
Do verification providers need the same policies as certification providers?
Not identical. Verification is the lighter pathway for lower-risk supports and usually needs a smaller evidence set. Certification is for higher-risk supports and is assessed more deeply, against more of the Practice Standards and sometimes supplementary modules. Both still need policies and records that genuinely match the work they do - smaller does not mean none.
Which NDIS policies need clinical or specialist review?
The higher-risk ones: medication management, mealtime management and dysphagia supports, and restrictive practices (and behaviour support more broadly), plus anything tied to a supplementary module. Have these reviewed by an appropriately qualified person - for example a registered nurse, pharmacist, speech pathologist, dietitian or behaviour support practitioner - before you rely on them.
This guide is general information to help you prepare for NDIS provider registration. It is not legal, clinical or compliance advice, and it is not affiliated with the NDIS Commission or the NDIA. Rules change - check the current requirements with the NDIS Quality and Safeguards Commission, and get advice from an appropriately qualified person for your situation.