How to Conduct Internal Practice Reviews Under NDIS
Learn how to conduct Internal Practice Reviews under the NDIS. Step-by-step guide to improve compliance, quality, risk management, and participant outcomes.
Internal Practice Reviews (IPRs) are one of the most effective ways for NDIS providers to strengthen their compliance, improve service quality, and ensure participants receive safe and high-quality support. With the NDIS Quality and Safeguards Commission placing increasing emphasis on continuous improvement, running regular internal reviews is no longer optional - it’s essential.
In this guide, we break down what an Internal Practice Review is, why it matters, and exactly how providers can conduct a compliant review from start to finish.
What Is an Internal Practice Review?
An Internal Practice Review is basically a health check for your organisation. It’s a structured way to look at how well you’re delivering NDIS supports, whether your team is following the Practice Standards, and how closely everyone is working to your own policies and procedures.
While it’s similar to an Internal Audit, an IPR goes a step further. Instead of only checking documents, it looks at what’s really happening day to day - how staff deliver supports, how participants experience your services, and whether your systems are working the way they should.
Providers usually carry out Internal Practice Reviews:
- Regularly, such as every quarter or twice a year.
- After incidents or complaints, to understand what went wrong.
- When rolling out new services, systems, or processes.
- Before external NDIS audits, to make sure everything is on track.
The goal is simple: to spot risks, gaps, or issues early and make improvements before they turn into bigger problems or non-compliances. It’s about strengthening quality, keeping participants safe, and helping your organisation grow with confidence.
Why Are Internal Practice Reviews Essential Under the NDIS?
Internal Practice Reviews play a huge role in helping providers deliver safer, better-quality supports. Here’s why they matter so much:
- Strengthen compliance with the NDIS Practice Standards
IPRs give you a clear picture of how well your organisation is meeting the NDIS Quality Indicators. They highlight whether your systems protect participant rights, manage risk effectively, and support safe, consistent service delivery. - Improve participant outcomes and safety
Reviews help you understand whether supports genuinely reflect participants’ goals, preferences, and cultural needs. They shine a light on areas where the participant experience can be strengthened. - Identify and manage risks early
An IPR helps you spot weak processes, outdated documents, or unsafe practices before they turn into incidents. It’s a proactive way to prevent problems rather than react to them. - Prepare for external NDIS audits
Auditors look for solid evidence and reliable systems. Regular Internal Practice Reviews make sure everything is in order, so when audit time comes, your organisation feels confident and prepared. - Build a culture of continuous improvement
When reviews become part of your routine, they encourage teams to stay accountable, reflect on their practice, and improve over time. It creates a culture where quality and safety come first.
Key Areas to Review During an Internal Practice Review
An effective IPR should assess multiple core areas of NDIS service delivery:
1. Participant Outcomes & Rights
- Choice and control
- Informed consent
- Cultural safety
- Respect, dignity, and least-restrictive support
- Responsiveness to participant goals
2. Risk Management & Safeguarding
- Incident management
- Restrictive practice reporting and oversight
- Risk assessments
- Emergency preparedness and worker safety
3. Service Delivery & Support Quality
- Alignment between support plans and actual delivery
- Staff-to-task competency matching
- Communication with participants and families
- Follow-through on participant goals
4. Documentation & Record Keeping
- Progress notes
- Incident reports
- Support plans and risk assessments
- Policies and procedures
- Staff records
5. Workforce & Competency
- Worker screening and onboarding
- Mandatory training compliance
- Supervision and performance reviews
- Professional boundaries and code of conduct
How to Conduct an Internal Practice Review? (Step-by-Step)
Conducting an Internal Practice Review (IPR) under the NDIS is more than a compliance exercise. It’s a proactive approach to ensuring participants receive safe, high-quality supports and that your organisation is aligned with NDIS Practice Standards. Below is a detailed breakdown of each step.
Step 1: Define the Scope and Objectives
Before you start, clarify what you are reviewing and why. Without a clear scope, the review can become unfocused or overwhelming.
Your scope may focus on:
- A specific Practice Standard - e.g., participant rights, risk management, or governance.
- High-risk areas - such as incident management, restrictive practices, or medication administration.
- A particular service - e.g., Supported Independent Living (SIL), community access, or group programs.
- Organisation-wide compliance - to review policies, procedures, and staff competence across all services.
Tip: Clearly stating objectives helps align the review with internal priorities and NDIS audit expectations. Example objective: “Assess the effectiveness of incident management procedures and ensure all incidents are logged, investigated, and mitigated in line with NDIS Practice Standards.”
Step 2: Set Your Review Criteria
Your criteria define what “good practice” looks like. They guide your evidence collection and analysis, ensuring consistency.
Review criteria should be based on:
- NDIS Practice Standards - such as rights, governance, risk management, and service delivery.
- NDIS Quality Indicators - to measure compliance and quality outcomes.
- Internal policies and procedures - organisation-specific processes for service delivery and documentation.
- Relevant legislation - e.g., privacy, workplace safety, or state-specific disability regulations.
Tip: Create a checklist linking each criterion to the source document, policy, or standard. This ensures nothing is missed and makes the review auditable.
Step 3: Gather Evidence
Collecting evidence is where you see what actually happens versus what your policies state. A robust evidence collection process ensures credibility and accuracy.
Include:
- Documentation reviews - support plans, progress notes, incident reports, risk assessments.
- Staff interviews - ask frontline staff how they implement policies, handle risks, and communicate with participants.
- Participant feedback - gain insights on satisfaction, choice, control, and outcomes.
- Direct observations - watch supports being delivered to identify gaps, strengths, or non-compliance.
- System data checks - review rostering, training logs, and incident records for accuracy.
Tip: Document everything in a structured format (e.g., table or spreadsheet) to make analysis easier. Include dates, staff involved, and specific examples.
Step 4: Analyse Findings
Once evidence is collected, it’s time to make sense of it. Analysis helps identify trends, risks, and opportunities for improvement.
Key actions:
- Identify patterns - recurring issues, gaps, or areas of excellence.
- Flag non-compliances - anything that doesn’t meet NDIS Practice Standards or internal policies.
- Assess risk levels - classify issues as low, medium, or high based on potential impact on participants and organisation.
- Spot systemic issues - problems affecting multiple teams, services, or participants.
Tip: Use a simple risk matrix to prioritise issues. This will help determine which problems require immediate attention and which can be addressed over time.
Step 5: Create an Action Plan with Recommendations
A review is only valuable if it leads to action. The action plan translates findings into measurable improvements.
Include:
- The issue identified - clear description of the problem.
- Corrective and preventive actions - steps to fix the issue and prevent recurrence.
- Responsible team members - assign accountability to ensure follow-through.
- Deadlines - realistic timelines for implementation.
- Success indicators - how will you measure that the issue has been resolved?
Tip: Consider both short-term quick wins and long-term systemic improvements. Use project management tools to track progress.
Step 6: Implement and Monitor Improvements
Implementation is about embedding change into everyday practice. Without monitoring, improvements may not last.
Key steps:
- Update procedures - ensure policies reflect best practices and new learnings.
- Deliver training - upskill staff to address gaps identified in the review.
- Adjust risk and incident systems - ensure tools capture new workflows.
- Follow-up reviews - schedule checks to confirm action plans are effective.
- Document everything - evidence of implementation is critical for future audits.
Tip: Make monitoring a continuous process. Incorporate IPR findings into team meetings, supervision, and governance reporting to ensure accountability.
Common Mistakes Providers Make During IPRs
Avoid the following pitfalls:
- Only reviewing documents without checking actual practice.
- Involving only managers and ignoring frontline staff.
- Conducting IPRs only before external audits.
- Failing to complete or follow up on action plans.
- Using vague review criteria.
- Not capturing evidence clearly.
A thorough review balances both paper evidence and real-world practice.
Best Practices for Effective Internal Practice Reviews
- Conduct reviews quarterly or biannually.
- Involve multidisciplinary teams.
- Use a risk-based approach to prioritise areas.
- Incorporate participant voice in the review.
- Benchmark outcomes against external audit feedback.
- Keep a centralised record of all IPRs and improvements.
How Imploy Helps with Internal Practice Reviews?
Managing Internal Practice Reviews can be time-consuming, especially when evidence is scattered across spreadsheets, emails, and paper files. Imploy helps NDIS providers streamline the entire review process by bringing compliance, documentation, and workforce data into one secure system.
With Imploy, providers can:
- Centralise compliance evidence such as policies, procedures, incident reports, and progress notes in one place.
- Track staff training and competencies to ensure workers are qualified and aligned to participant needs.
- Monitor incidents and risks in real time, making it easier to identify patterns during reviews.
- Access audit-ready records that support NDIS Practice Standards and Quality Indicators.
- Reduce manual admin by using digital workflows instead of disconnected tools
By supporting visibility, accountability, and consistency, Imploy helps providers move beyond tick-box reviews and embed continuous improvement into everyday practice - making Internal Practice Reviews simpler, faster, and more effective.
Final Thoughts
Internal Practice Reviews are one of the most practical ways NDIS providers can protect participants, strengthen compliance, and improve the quality of their services. When done well, they move beyond box-ticking and become a meaningful tool for reflection, learning, and continuous improvement.
By regularly reviewing real-world practice, listening to staff and participants, and acting on findings, providers can identify risks early, stay aligned with NDIS Practice Standards, and feel confident when external audits come around. Most importantly, Internal Practice Reviews help ensure that supports are delivered safely, respectfully, and in line with what participants actually want and need.
FAQs
1. Are Internal Practice Reviews mandatory under the NDIS?
While the NDIS does not prescribe a specific “Internal Practice Review” process, providers are expected to demonstrate continuous improvement and compliance with the NDIS Practice Standards. Internal Practice Reviews are one of the best ways to meet this expectation.
2. How often should an Internal Practice Review be conducted?
Most providers conduct IPRs quarterly, biannually, or annually. Reviews should also be completed after serious incidents, complaints, or major organisational changes.
3. Who should conduct an Internal Practice Review?
Reviews can be conducted by quality managers, compliance officers, senior staff, or an independent internal reviewer. The key requirement is objectivity and a good understanding of the NDIS Practice Standards.
4. What evidence should be collected during a review?
Evidence may include policies and procedures, progress notes, incident reports, training records, participant feedback, staff interviews, and observations of service delivery.
5. How is an Internal Practice Review different from an NDIS audit?
An Internal Practice Review is provider-led and focuses on improvement, while an NDIS audit is conducted by an approved auditor and assesses formal compliance. IPRs help providers prepare for audits by identifying issues early.
