How to Build Your NDIS Policy Pack From Scratch
Your policy pack is your operational manual—the document that tells auditors how you run your service. From our Enrichment Care experience building policy packs and reviewing hundreds for audit readiness, we can tell you this: most providers either have no policy pack or have one that doesn't match their actual operations. Auditors ask staff questions and cross-check answers against your policies. If your policy says 'all complaints are reviewed within 5 days' but staff don't know that, you'll fail the audit. The goal isn't to write perfect policies—it's to write clear policies that your team actually follows and can explain. This guide walks you through building a policy pack from scratch, or updating an outdated one, to pass Certification audit.
What Your Policy Pack Actually Needs to Cover
Your policy pack doesn't need to be 100 pages. In fact, concise policies are easier for staff to follow and auditors to verify. Cover these core areas: (1) Governance and leadership—who makes decisions, how often does leadership meet. (2) Complaints and feedback—how participants raise complaints, how you investigate and respond, timeframes. (3) Safeguarding—your worker screening process, allegation management, abuse prevention. (4) Service delivery—how you intake participants, build support plans, review and adjust. (5) Health and safety—incident reporting, risk management, emergency procedures. (6) Privacy and data—how you collect, store, and protect participant information. (7) Invoicing and finance—how you bill participants, handle overpayments, maintain records. (8) Staff management—recruitment, induction, training, performance management, disciplinary procedures. (9) Quality improvement—how you use feedback and data to improve service. Each policy should be 1-3 pages, with a clear procedure or checklist that staff can follow. Longer policies confuse staff and signal that you haven't simplified your operations.
Template Structure: How to Write Policies Staff Will Actually Use
For each policy area, use this structure: (1) Policy statement—what is your principle? Example: 'We intake all new participants within 5 business days of first contact.' (2) Procedure—step-by-step what happens. Example: 'Step 1: Admin receives inquiry via phone/website → logs in inquiry register. Step 2: Coordinator calls participant within 24 hours to confirm needs. Step 3: Face-to-face intake meeting scheduled within 5 days. Step 4: Support plan drafted within 7 days of intake meeting.' (3) Responsibility—who does what. Example: 'Admin logs inquiry; Coordinator conducts intake; Manager approves support plan.' (4) Records—what documents you keep. Example: 'Inquiry register, intake notes, signed support plan.' (5) Timeline—when does this happen. Example: 'All steps completed within 5 business days of initial inquiry.' Use clear, plain language. Avoid jargon. Your support workers should be able to read and understand every policy without a dictionary. When writing, ask yourself: 'Can a new staff member follow this procedure on day one?'
Building Your Specific Policies: Real Examples
Complaints policy: 'Any staff member who hears a complaint immediately records it in our complaints register (date, person, details, staff member name). Within 24 hours, the service coordinator contacts the participant to acknowledge and agree on next steps. Within 5 business days, the service coordinator has investigated and met with the participant with a resolution. The outcome is documented in the register and filed in the participant's record. All complaints are reviewed monthly by the manager to identify patterns.' Intake policy: 'When we receive an inquiry, admin logs the date and contact details in our inquiry register. The coordinator calls within 24 hours to understand the participant's needs and goals. We schedule a face-to-face intake meeting within 5 business days. During intake, we complete our intake form, covering demographics, current supports, NDIS plan goals, and any safety concerns. Within 7 days of intake, the coordinator drafts a support plan that links to the participant's NDIS goals. The manager reviews for completeness, and we email the draft plan to the participant for feedback. Once approved, we add the support plan to ShiftCare and notify our support team.' These concrete, procedural policies are audit-ready.
Implementing Your Policy Pack and Audit-Proofing It
Once drafted, print or share your policy pack with your whole team. Brief them on each policy in a team meeting. Ask 'Do you understand this policy? Can you follow this process?' Let staff point out gaps or unclear steps. Revise based on feedback. Next, test your policies against your actual operations. Pick a recent incident (a complaint, a new intake, an incident) and trace it through your policy. Did you follow your own steps? If not, your policy doesn't match reality—revise it. Then, run a mock audit. Have someone external (or use Provider Scale's Free Compliance Health Check) interview 2-3 staff members on each policy area. 'Walk me through your complaints process.' If staff can explain it and your files show you followed it, you're ready. Update your policies annually based on audit findings, staff feedback, and operational changes. Keep a version control log so auditors see you're actively managing and improving your policies.
Your Policy Pack Timeline
Week 1: List the 9 policy areas and assign each to a team member (or do it yourself). Week 2-3: Draft policies using the template structure above. Week 4: Team meeting to review and refine policies. Week 5: Revise policies based on feedback. Week 6-7: Test policies against recent incidents or cases. Week 8: Run a mock audit on 2-3 policies. Week 9-12: Refine weak policies and brief team on final version. By your Certification audit, your policy pack will be coherent, staff will understand it, and your operations will match your documentation. This is the single strongest predictor of audit success.