NDIS audit evidence · 4 audit-trail fields

How to pass your NDIS audit with SignBolt

SignBolt helps NDIS providers pass document checks by producing signed evidence that shows who signed, when they signed, where they signed from, and which method was used for each participant consent, policy acknowledgement, and service agreement.

NDIS audit evidence = signed PDF + audit trail + retention log

Outcome 1.5 evidence SignBolt helps preserve

NDIS Practice Standards Outcome 1.5 focuses on preventing violence, abuse, neglect, exploitation and discrimination. Your auditor needs documentary proof that controls were communicated, acknowledged and retained for each relevant participant or worker file.

Numeric claim: Outcome 1.5 is the cited NDIS Practice Standards control for this page.

Evidence requirement mapping

Auditors usually test 4 evidence points for signed records: identity, time, origin and method. SignBolt stores those points around the signing request and activity trail so the file can be reviewed without reconstructing events manually.

Requirement	SignBolt evidence	Auditor use
Who signed	Signer name, email and signer_id are recorded against the request.	Matches participant, nominee, worker or authorised representative evidence.
When they signed	created_at and completion events are stored in the audit trail.	Shows consent, acknowledgement or agreement existed before service delivery.
Where they signed from	Request metadata can retain location, IP and device context where captured.	Supports identity, access and document-control review.
What method was used	Email invitation, signing-request status and field-completion events are logged.	Shows the signature method used for the record under review.

Documents the NDIS Commission auditor will ask for

Prepare 7 document categories before the audit sample is selected. The goal is to prove that the right person received, reviewed and signed the current version of each document.

Participant service agreements
Consent and information-sharing forms
Worker policy acknowledgements
Incident follow-up documents
Restrictive-practice authorisation records
Complaints and feedback correspondence
Audit log exports for sampled files

How SignBolt produces the evidence

Use 4 output types for the audit pack: the signed PDF, the audit trail, the APP-12 subject access bundle and any APP-13 correction annotation.

Document	How SignBolt produces it
Signed PDF	Download the completed signing request from the participant or staff file.
Audit trail	Use activity_log entries to show each signing and field-completion event.
Subject access bundle	Use /api/me/export when a participant requests their personal data under APP-12.
Correction annotation	Use /api/me/correction-request to record APP-13 corrections without rewriting signed evidence.

Restrictive-practice records need tighter proof

For the 5 regulated restrictive practices, keep the authorisation, participant communication, staff acknowledgement and review evidence together. SignBolt gives each signed record a traceable request and signer history instead of an unsigned folder copy.

Seclusion

Chemical

Mechanical

Physical

Environmental

Retention, access and correction

Keep signed audit evidence for 7 years where your NDIS recordkeeping policy requires it, and use append-only correction records when a person challenges inaccurate personal information. APP-12 gives the person access; APP-13 records correction without rewriting signed evidence.

CTA: Run the next consent, service agreement or policy acknowledgement through SignBolt before the audit sample lands.

Sign a document

NDIS audit FAQ

These 5 answers match the literal questions NDIS providers ask before compiling their audit evidence pack.

How to pass your NDIS audit with SignBolt?

Use SignBolt to keep signed service agreements, consent forms and policy acknowledgements with an audit trail showing who signed, when they signed, where they signed from and the signing method used.

What does NDIS Practice Standards Outcome 1.5 require?

Outcome 1.5 expects providers to demonstrate controls that protect participants from violence, abuse, neglect, exploitation and discrimination, supported by policies, incident handling, staff acknowledgement and reliable records.

What documents will an NDIS auditor ask for?

An auditor commonly samples service agreements, consents, incident follow-up records, complaints records, restrictive-practice authorisations, staff acknowledgements and evidence that records are controlled.

Does SignBolt change immutable audit logs?

No. Correction requests are appended as superseded annotations so the original signed-document evidence remains intact.

Can a participant request their data from SignBolt?

Yes. The APP-12 export route returns the requesting user's profile, signing requests, recipient signing records and activity log entries as a JSON download.