Safeguarding & Risk Management Policy

Good Company Disability Services Pty Ltd
Effective Date: 29 May 2025
Review Date: 29 May 2026
Contact: [email protected]


1. Purpose

This policy outlines how Good Company Disability Services (Good Company) safeguards the health, wellbeing, dignity, and rights of participants while managing and minimising risks associated with service delivery. It reflects our commitment to creating a safe, inclusive, and responsive environment in accordance with the NDIS Code of Conduct and relevant legislation.


2. Scope

This policy applies to:

  • All employees, contractors, volunteers, and board members

  • Participants and their families/carers

  • Visitors and service providers

  • All operational contexts including in-person, remote, and online services


3. Definitions

TermDefinition
SafeguardingActions taken to promote the welfare and protect the rights of participants.
Reportable IncidentSerious incidents that must be reported to the NDIS Quality and Safeguards Commission under the NDIS (Incident Management and Reportable Incidents) Rules.
Risk ManagementSystematic approach to identifying, assessing, treating, and monitoring risks that could affect service quality or participant safety.
Duty of CareLegal and ethical obligation to ensure reasonable steps are taken to prevent foreseeable harm.

4. Guiding Principles

  • Participant-Centred Practice: Decisions are made in the best interest of participants, respecting their rights, choices, and autonomy.

  • Zero Tolerance for Abuse: All forms of abuse, neglect, exploitation, and discrimination are strictly prohibited and actively prevented.

  • Proactive Risk Management: Risk is managed proactively through continuous identification, assessment, control, and review.

  • Duty of Care: We act responsibly and reasonably to prevent foreseeable harm.

  • Compliance: This practice complies with the Privacy Act 1988 (Cth) and the NDIS Practice Standards on the date noted as effective date on this policy.


5. Alignment with NDIS Practice Standards

This policy supports compliance with the following NDIS Practice Standards:

  • Rights & Responsibilities: Upholding participant rights and freedoms

  • Governance & Operational Management: Ensuring organisational oversight and risk responsiveness

  • Provision of Supports: Maintaining a safe and high-quality service environment

  • Incident Management: Responding appropriately to reportable and non-reportable incidents


6. Safeguarding Commitments

6.1 Participant Safety
  • Ongoing assessment of individual support needs and vulnerability

  • Personalised safeguarding and behaviour support plans

  • Immediate response and escalation of safeguarding concerns

6.2 Child Safety
  • Compliance with state-based child protection legislation

  • Mandatory Working With Children Checks for team members supporting participants under 18 years of age

  • Child-friendly communication and education on safety

6.3 Cultural Safety
  • Respect for diverse cultural, linguistic, and spiritual identities

  • Inclusion of interpreters, cultural liaisons, and accessible supports as needed

6.4 Participant Involvement
  • Participants are actively involved in:

    • Identifying personal risks and developing mitigation strategies

    • Reviewing behaviour and safeguarding plans

    • Providing feedback about safety and wellbeing through accessible channels


7. Risk Management Approach

7.1 Risk Identification & Assessment

Risks are identified across the following domains:

  • Participant wellbeing and vulnerability

  • Behavioural, environmental, financial, and reputational threats

  • Compliance and operational practices

7.2 Risk Categories & Examples
Risk CategoryExample
Participant SafetyFalls, medication errors, choking
Behavioural RisksSelf-harm, aggression, absconding
Environmental RisksHazardous equipment, unsafe housing conditions
Cyber/InformationData breaches, phishing, privacy violations
ReputationalMedia issues, policy breaches, staff misconduct
7.3 Controls & Mitigation
  • Use of behaviour support plans, positive behaviour strategies where authorised and provided by participants’ specialists

  • Staff training in WHS, de-escalation, and support protocols

  • Complaints, incident management, and continuous improvement systems

7.4 Monitoring & Review
  • Reviews of risk register by management

  • Internal audits of safeguarding practices

  • Reports to board-level risk committee where required

  • Annual review or earlier if required by regulatory change or incident outcome


8. Digital Safeguarding

As part of delivering safe and modern support, Good Company implements strong digital risk controls:

  • Use of secure cloud-based platforms for all participant records

  • Multi-factor authentication and role-based access controls

  • Staff training in digital literacy, privacy, and cyber hygiene

  • Regular penetration testing and/or vulnerability assessments


9. Incident Reporting & Escalation

  • All staff are required to report safeguarding concerns immediately

  • Serious incidents are escalated in accordance with the NDIS (Incident Management and Reportable Incidents) Rules

  • Internal reviews are conducted to assess root causes and implement corrective actions

  • Participants are kept informed (in accessible formats) of outcomes when appropriate


10. Governance Oversight

  • The Board receives updates on risk trends and incident outcomes

  • Executive management is accountable for the integrity and effectiveness of safeguarding systems

  • Continuous quality improvement is driven by audit findings and participant feedback


11. Complaints and Feedback

All stakeholders are encouraged to raise concerns via our Complaints Policy. Feedback is valued and used to continuously improve participant safety and organisational transparency.


12. Related Policies

  • Incident Management Policy

  • Feedback & Complaints Policy

  • Code of Conduct

  • Behaviour Support Policy

  • Participant Rights & Advocacy Policy

13. Review

This policy is reviewed annually and following:

  • Reportable or critical incidents

  • Legislative changes

  • Major organisational changes