The NDIS Quality and Safeguarding Framework places clear obligations on registered providers to identify and respond to risks to the safety and wellbeing of participants. For participants with complex needs, high vulnerability, or a history of abuse or neglect, a participant safeguarding plan formalises how your organisation will protect them — and provides the audit evidence that you have done so.
What Is a Participant Safeguarding Plan?
A participant safeguarding plan is an individual risk management document specific to one participant. It identifies the particular risks that person faces — based on their circumstances, history, and support needs — and details the specific strategies your organisation will use to mitigate those risks. It is distinct from a behaviour support plan (which addresses behaviour of concern) and a support plan (which addresses goals and funded supports). A safeguarding plan is focused exclusively on risk and protection. It is personalised, proactive and developed in partnership with the participant.
Why It Matters
- Promotes safety, choice and control for every participant
- Reduces the risk of harm and abuse through proactive risk identification
- Supports early identification and management of risks before incidents occur
- Required under the NDIS Practice Standards — Standard 2 (Governance & Operational Management) and Standard 4 (Participant Outcomes)
- Builds trust with participants, families, and the Commission — and demonstrates quality
Legal & Practice Requirements
Participant safeguarding plans are required or referenced across multiple legislative and regulatory instruments:
- NDIS Act 2013 — promotes the rights and dignity of participants and places obligations on providers to act with care
- NDIS Practice Standards — Standard 2 (Governance & Operational Management) and Standard 4 (Participant Outcomes) both require safeguarding systems
- NDIS Code of Conduct — requires providers and workers to take reasonable steps to prevent and respond to violence, exploitation, neglect, and abuse
- National Disability Insurance Scheme (Practice Standards) Rules 2018 — sets out the practice standards that apply to registered providers
- State and Territory safeguarding legislation — including Reportable Conduct Schemes, which require reporting of certain allegations against workers
Who Needs a Safeguarding Plan?
Not every participant requires a formal safeguarding plan — but every participant should have a risk assessment that considers whether one is needed. Safeguarding plans are particularly important for:
- Participants with a history of abuse, neglect, or exploitation
- Participants who lack capacity to report abuse or make decisions about their own safety
- Participants with complex medical needs where safety risks are inherent in the supports
- Participants in residential settings where there is limited external oversight
- Participants who engage in self-harming behaviour
- Participants with limited social networks and few independent contacts outside the service
- Children and young people in NDIS-funded residential care
Who Should Be Involved?
A safeguarding plan must be developed in collaboration. The plan must be individualised, easy to understand and accessible to the participant. It must promote the participant's rights, dignity, culture and choices. Involve:
- The participant — their views, goals and preferences must be central to the plan
- Family, carers or nominees — those who know the participant best and can contribute to risk identification
- Support workers and key staff — those who deliver services and will implement the plan day-to-day
- Allied health professionals — where risks relate to health, behaviour, or communication
- Other service providers — where the participant receives supports from multiple organisations
- Advocates or independent supporters — particularly where the participant has limited capacity to participate directly
What a Safeguarding Plan Must Include
Every safeguarding plan must address eight core components to meet NDIS Practice Standards requirements:
| Component | What It Covers |
|---|---|
| 1. Participant Information | Key details about the participant, their circumstances, support needs, and the people involved in their care |
| 2. Risks to Safety, Rights & Wellbeing | Identified risks of harm, abuse, neglect or exploitation in the participant's environment or supports — specific to this person |
| 3. Strategies to Manage Risk | Practical strategies to reduce or eliminate identified risks and promote the participant's safety and independence |
| 4. Supports & Resources | The supports, services and people involved in keeping the participant safe and well — internal and external |
| 5. Communication Plan | How the plan will be shared, who needs to know, and how the participant's views and privacy will be respected |
| 6. Monitoring & Review | How the plan will be monitored, reviewed and updated — regularly and when circumstances change |
| 7. Emergency Response | What to do if something goes wrong or the participant is at immediate risk — clear escalation steps |
| 8. Approval & Agreement | Developed with the participant (where possible) and agreed and signed by all involved parties |
1. Risk Identification
A clear statement of the specific risks identified for this participant, including:
- The nature of the risk (physical harm, financial exploitation, psychological harm, neglect, sexual abuse)
- The source of the risk — from other participants, workers, family members, community members, or environmental factors
- Historical incidents or known concerns that inform the risk assessment
- The participant's own awareness of the risks and their stated preferences for how to be kept safe
2. Risk Assessment
An assessment of each identified risk including likelihood and consequence — resulting in a risk rating. This guides the intensity of safeguarding strategies required.
3. Safeguarding Strategies
Specific actions your organisation will take to reduce each identified risk:
- Worker assignment decisions — who is and is not permitted to work with this participant and why
- Communication protocols — who the participant can contact if they feel unsafe
- Monitoring strategies — how you will detect if something goes wrong
- Environmental modifications that reduce exposure to risk
- Advocacy supports — connections to an independent advocate if the participant cannot self-advocate
4. Indicators and Escalation Protocol
What signs will workers watch for that indicate the plan may not be working or that a risk has eventuated? What is the escalation pathway — who do workers tell, what happens next?
5. Review Schedule
Safeguarding plans must be reviewed at intervals appropriate to the level of risk, and after any incident involving this participant. High-risk participants should have plans reviewed at least every 6 months.
AuditCore's Participant Management module stores safeguarding plans alongside support plans and incident history, with automated review date reminders and risk-level flagging across your participant caseload.
See Participant Management →How to Develop a Safeguarding Plan
Developing an effective safeguarding plan is a five-step collaborative process — not a form to be completed alone at a desk:
| Step | Action | What This Involves |
|---|---|---|
| 1. Engage | Talk with the participant and others | Listen to their goals, concerns and what keeps them safe. Build rapport before assessing risk. |
| 2. Assess | Identify risks and strengths | Consider the participant's environment, the people around them, existing supports, and systemic factors. |
| 3. Plan | Co-design strategies and supports | Agree on specific strategies that will work for this participant. The plan must reflect their preferences and be in accessible language. |
| 4. Implement | Put the plan into action | Share the plan with all relevant workers and services. Ensure everyone understands their role and the participant understands their rights. |
| 5. Monitor & Review | Check regularly and update | Review outcomes at scheduled intervals and after any incident or change in circumstances. Update the plan as needed. |
Good Practice Principles
Strong safeguarding practice is built on six principles that should be embedded in your organisation's culture:
- Participant-led and strengths-based — start with what the participant wants, values, and what already keeps them safe
- Culturally safe and inclusive — acknowledge and respect the participant's cultural background, identity, and communication needs
- Proportionate to the level of risk — higher-intensity strategies for higher-risk situations; avoid over-restriction
- Evidence-informed — base risk assessments on documented history and observable facts, not assumptions
- Respect privacy and confidentiality — share information only on a need-to-know basis
- Regularly reviewed and updated — a safeguarding plan is a living document, not a one-off compliance exercise
Safeguarding and the Four Pillars of the NDIS Framework
The NDIS Quality and Safeguarding Framework identifies four pillars that providers must address: empowerment, access, responsiveness, and capability. Safeguarding plans operationalise the responsiveness pillar — demonstrating that when a risk is identified, your organisation has a documented plan to respond to it.
Common Risks to Consider
When completing a safeguarding assessment, ensure you consider all categories of risk, not just the most obvious ones:
- Physical, sexual or emotional abuse — from workers, other participants, family members, or community
- Neglect or lack of care — failure to provide adequate supervision, medical care, or basic needs
- Financial exploitation — misuse of the participant's money, assets, or NDIS funding
- Discrimination or harassment — based on disability, gender, cultural background, or other characteristics
- Social isolation or loneliness — limited connections outside the service that reduce natural oversight
- Restrictive practices — use of physical, chemical, environmental, mechanical, or seclusion restraint without authorisation
What Auditors Look For
In both verification and certification audits, auditors will assess whether your organisation:
- Has a documented risk assessment process for all participants at intake
- Identifies high-risk participants and has individual safeguarding plans for them
- Reviews safeguarding plans on a scheduled basis and after incidents
- Has workers who can explain the safeguarding strategies for their participants when interviewed
- Links incident history to safeguarding plans — incidents should trigger safeguarding review
- Involves participants and their support networks in the development of safeguarding plans
Warning Signs — Act Early
Workers must be trained to recognise and report warning signs that a participant's safety may be at risk:
- Unexplained injuries or sudden changes in behaviour or mood
- Withdrawal or visible fear around certain workers, family members, or other participants
- Loss of money or belongings that cannot be explained
- Changes in living conditions — including cleanliness, nutrition, or physical environment
- Participant expressing feeling unsafe, unhappy, or asking for help
What to Do If You Have Concerns
- 1Act immediately to keep the participant safe — remove them from risk if possible
- 2Follow your organisation's incident management procedure — document and report internally
- 3Report to the NDIS Commission (1800 035 544) if the concern involves a reportable incident or allegation against a worker
- 4If someone is in immediate danger — call 000
Keep It Alive: When to Review
A safeguarding plan is not a one-off document. It must be treated as a living record and reviewed:
- At least every 12 months as part of the participant's scheduled plan review
- When the participant's goals, circumstances, or support needs change significantly
- After a critical incident involving the participant
- When new risks are identified — by workers, the participant, family, or other services
Safeguarding vs. Duty of Care
Safeguarding is not the same as duty of care, though they overlap. Duty of care is a general legal obligation to take reasonable steps to avoid foreseeable harm. Safeguarding is a proactive, structured, and documented approach to identifying and mitigating specific risks to specific people. Auditors and the Commission increasingly expect to see safeguarding plans that go beyond a general duty of care — they want evidence of individual risk thinking, individual strategies, and individual review.
AuditCore links safeguarding plans to participant profiles, incident history, and the continuous improvement register — so every risk is tracked, every review is scheduled, and every concern is documented in one place.
Safeguarding Plans in AuditCore →