You pay for your own audit. Walk in prepared.
The NDIS is a pay-for-audit system: you engage and pay your own approved quality auditor, on roughly a three-year renewal cycle. Every day of audit time spent discovering gaps is a day you paid for — twice, once in fees and once in nonconformities. Attesta finds them first.
Penalties above $15 million. Scrutiny to match.
The 2026 integrity reforms lifted maximum civil penalties for NDIS providers to more than $15 million. The message from the NDIS Quality and Safeguards Commission is unambiguous: registration is not a formality, and documentation that "mostly covers it" is a liability with a number attached.
Certification audits against the Practice Standards work through your documented systems module by module. When your auditor raises a major nonconformity, remediation happens on the auditor's clock and your renewal timeline — the most expensive possible place to discover a gap that a document review could have caught months earlier.
The Practice Standards come preloaded — core module and all.
The NDIS Practice Standards (NDIS Provider Registration and Practice Standards Rules 2018) are a Commonwealth legislative instrument, and they come preloaded in Attesta, reproduced unmodified from the Federal Register of Legislation. Core module, and supplementary modules for the registration groups that carry them. You never configure a framework — you upload your policies and Attesta maps them to the quality indicators your auditor will use.
Attesta speaks your auditor's language. Findings are graded using certification-audit vocabulary — the same scale your quality auditor reports against:
Major nonconformity risk
A required system or policy is absent or fundamentally inadequate — the kind of finding that can stall a registration decision. These surface at the top of your fix-first list.
Minor nonconformity risk
The system exists but the documentation is incomplete, out of date, or doesn't fully address the quality indicators. Fixable before the audit — if you know about it.
Improvement opportunity
Conformant, but there's a clear way to strengthen the evidence. The difference between passing an audit and sailing through one.
Every finding carries a citation to the exact Practice Standards clause, a High / Medium / Low confidence indicator, and a human sign-off step — you accept, reject or defer each one. See the full methodology.
Audit preparation for less than one consultant day per month.
At $295 per month per service, a year of continuous NDIS readiness costs less than a single day of consultant time — against mock-audit engagements that typically run $20,000–$50,000 per cycle. And unlike a mock audit, Attesta doesn't go stale: revise a policy, re-run the assessment, and your Readiness Level updates the same day.
Use it before your renewal audit to clear the document-level findings in advance. Use it between audits so mid-cycle surveillance activity never catches you with a policy suite that drifted.
Know what your auditor will find — before you book the audit.
The free snapshot assesses up to 10 documents against the NDIS Practice Standards core module and returns your Readiness Level, per-module bars and top three priority actions.