“Happy Hunger Games! And may the odds be ever in your favour”
Well... lets hope it is not quite that dramatic, but without the right preparation you may end your first NDIS-audit feeling like it was an experience you "endured" and "survived".
Yes ... getting the right outcome is critical to your organisational success, but it need not be a painful experience. This "first" audit though will be the most challenging, as to a large extent both NDIS Service Providers and the Auditors themselves are feeling their way through the new standards and requirements.
Lets start at the beginning - what is required?
NDIS Service Providers are now subject to audit under the NDIS Practice Standards. Providers in SA and NSW, have just been though their first audits, and there have been learnings. But firstly, who is subject to audit? and how does it work?
Registered NDIS providers are now required to undergo an audit against the NDIS Practice Standards.
There are two types of audit: ‘verification’ or ‘certification’ quality audit. The NDIS Commission will advise the type of audit for your organisation.
You appoint your auditor. This is very different to the Aged Care sector (where the Aged Care Quality and Safety Commission have responsibility to conduct these reviews and audits).
Your compliance is assessed on an attainment scale from 3 to 0 at an outcome-indicator level ... you don't really want to see many "(1)" minor non-conformity's and, lets face, we don't want any (0) major non-conformities. (NB Audits will also report any critical risks identified).
A major non-conformity precludes Registration. Providers, please note, three minor non-conformities within the same module may also constitute a major non-conformity. The word "may' implies some discretion. This is a matter that should be discussed at the time of appointing your auditor, and also during the course of the audit itself (i.e. in what circumstances will they apply that discretion?).
You will require an audit every three years, but you will see your auditors every year, and the legislation requires surveillance (monitoring) audits to be conducted at least once every twelve months.
Before turning to ways to improve your odds of survival, its useful to provide some initial observations on the state of the market:
A sellers market? The NDIS Safety and Quality Commission (the Commission) maintains a list of "Approved Quality Auditors". Until recently, this list was very short and providers in SA and NSW have actually found it very difficult to source an Approved Quality Auditor. In my view the list still does not provide sufficient capacity. Providers can expect some difficulties in agreeing the timing of the required audit visits.
Learning as we go (remember, it's not Aged Care). This is new for everyone, and (with all respect) the auditors are still coming to terms with the new requirements themselves. While an audit, is still an audit (all auditors, whether financial or quality, are looking for mixed sources of corroborating evidence), many NDIS Quality Auditors are much more familiar with the Aged Care Quality Assessments and audits. While helpful, to some degree, this can result in an overly "clinical" approach to audit.
Tips to turn the odds in your favour
Choose an auditor that you can establish an effective partnership with. While the auditors have clear responsibilities to be independent, this is still a client/supplier relationship. In fact, it is one of the more important relationships for your business to remain a going concern (you can't operate without it). So choose wisely. Run the selection processes with the importance it deserves. That means: (a) determine your evaluation criteria; (b) run a request for tender process; (c) shortlist and interview the shortlisted candidates; (d) ask and seek assurances about ways of working and team members (including continuity); and (e) select a team that can work in partnership with your organisation.
Prepare for your audit. (and yes, I'm stating the obvious ... sorry). There is much you can do to prepare. While the Practice Standards are the obvious point of reference, the Quality Indicators themselves (i.e. the indicators of compliance that the auditors will measure you against) are also available. Get prepared early and engage either internal, or external, resources to complete a Gap Analysis against the standards and rectify any gaps well in advance of the audit visit. Then, go to the next level, and prepare a compendium of evidence of compliance to hand to the auditors on Day 1.
Engage your leadership team in the visit. The objective is two-fold: firstly, it demonstrates commitment to the standards and the audit process; and secondly, it builds an organisational-relationship with the audit team. Your entire executive team should be present (finance, IT, operations, marketing), and to be honest, a Board member attending the kick-off meeting wouldn't hurt either. The auditors may run end of day briefings, and will certainly hold a closing meeting. At the closing meeting, the CEO and executive team should again be well represented, and bring a minute-taker to keep a record on the verbal findings and observations made. If you have concerns about 'matters of fact', now is the time to raise them ... if you raise them after the closing meeting you might find that time and process work against you.
Address your non-conformities thoroughly and promptly. This is your first NDIS Practice Standards audit and things might not be perfect. Your auditors will inform you of their findings at the closing meeting (in fact, it is a requirement under the legislation). Assuming there are no glaring errors, its time to accept that there are opportunities to improve. A growth-mindset is required. Develop your corrective actions and, where relevant, it's is always in the provider's best interest to develop continuous improvement plans (to show your commitment to better (or best) practice). Your auditors will want to see evidence of your corrective actions, so package your evidence neatly together against the standards and quality indicators and use the right NDIS language. It all adds to the 'bigger picture' of demonstrating: professionalism, responsiveness; and your organisation's complete understanding of the NDIS.
What else do I need to prepare for?
I've previously written on ways to prepare for the new Reportable Incident requirements of the NDIS Quality and Safeguards Standards. For those service providers starting the quality and safeguards journey, try the link below:
If you would like a free framework to assist in conducting your Gap Analysis click here and send me a request with your contact details.