Risk Policy


Participate OT is committed to providing and maintaining quality occupational therapy services, and this policy outlines how we identify and manage risks.


This policy applies to supports and services provided to all participants.

What is risk management?

Risk management involves identifying and managing risks. This includes a wide range of risks including risks to the organisation’s operation, to workers and to participants. Risks are inevitable but risk management aims to reduce the chance of a particular event from happening. If it does happen, risk management helps to reduce its impact. Benefits of risk management can include:

  • reduced business downtime
  • reduced loss of cash flow
  • reduced injuries or illness to participants and workers
  • increased health and well-being of participants and workers
  • increased innovation, quality and efficiency through continuous improvement.

Identifying risks

Risk is the combination of the likelihood (chance) of an event occurring and the consequences (impact) if it does. Risk management aims to increase the likelihood and impact of a desirable outcome as much as possible. Risk identification is the process of finding, recognising and describing risks.

Participant risk management

Identifying risks to participants is an important part of providing supports and services. Identifying risks to participants and regular reviews of those risks is an ongoing process. Regular reviews help to ensure risk management strategies in place are effective and that they adequately address identified risks. With this in mind:

  • risk assessments for new participants must be conducted during the on-board process
  • risk assessments for existing participants must be conducted every 12 months or more often if there are changes in the participant’s needs
  • risk management plans for participants should be reviewed quarterly or more often if there are changes in the participant’s needs.
  • strategic risk management

Risk management should consider strategic risks. This includes identifying and managing risks related to the service achieving its business objectives. This may include risks to:

  • funding—this might include donors, gifts and funding bodies
  • mismanagement—risks to the organisation’s reputation
  • founder risk—where the organisation’s original benefactor lacks the required business and financial skills to run the service appropriately.
  • strategic risk management — strategies involve thorough research and planning.

Compliance risk management 

Ensuring the organisation operates within the law carries its own compliance risks. These risks must be identified and assessed under a risk management framework. Examples of compliance risks may include:

  • unregistered and/or uninsured company vehicles
  • fulfilling reporting requirements to comply with legislation or funding agreements
  • fundraising activities or sources which breach legislative requirements
  • key management
  • personnel operating outside their authority
  • activities that are outside the organisation’s constitution.

Compliance risks must be eliminated entirely unlike other types of risks where elimination may not be possible.

Strategies to prevent compliance risks include (among others):

  • a robust compliance culture
  • internal controls in areas of compliance
  • regular internal audits in areas of compliance.
  • consequence ratings for participants

The steps to manage risks for participants are:

  • identify risks—identify risks specific to each individual participant
  • assess risks—understand how likely it is to happen and how bad it could be
  • control risks—implement appropriate lifestyle plans to lessen the likelihood and/or the amount of harm
  • review control measures—check and ensure risks are under control and there are no new risks.

Responsibilities of workers 

All workers should:

  • follow participant risk management plans
  • support participants to communicate and self-advocate if the participant requests or requires support
  • assist the participant, if they request or require support, to maintain a risk management plan as safety needs change
  • inform the team of any changes to a participant’s safety needs
  • seek support from key management personnel to manage a risk, if required
  • collaborate with relevant parties when concerns about risk management
  • escalate to key management personnel
  • be actively engaged during supervision and team meetings to work through risk management issues
  • have a basic understanding of NDIS Quality and Safeguarding Framework
  • have a basic understanding of relevant WHS policies.

Duty of care

Providing a duty of care to participants involves ensuring adequate care is taken to avoid injury. When assessing activities or situations for possible injury, we should keep in mind:

  • what is already known about a person’s capacity to carry out similar activities safely
  • what is known about a person’s awareness of what risks might be involved and how to avoid them
  • what is known about the dangers involved in the activity and whether the person can deal with them
  • what can be learnt from relevant assessments or reports about the person’s abilities and skills.

Participants, workers and others important to the participant should work cooperatively to develop strategies and to identify solutions for issues that challenge duty of care for workers and dignity of risk to participants. In order to achieve this, we must:

  • take all steps to avoid harm
  • understand the participant’s capacity for making decisions about the risk they are managing
  • seek advice and assistance from their line manager when they encounter something that is outside their delegation, experience or skill set
  • ensure that relevant legislation, policies and procedures are part of their decision making processes
  • provide information to the participant, other workers and family about any risks, duty of care obligations and the participant’s right to experience and learn from risk taking
  • develop lifestyle plans in consultation with the participant, family, friends and support workers, and commence with the least restrictive option for the participant
  • facilitate discussion with the participant about the consequences of particular choices
  • communicate with the person, family or guardian at each stage of support and document all actions, communications and decisions
  • document decisions by a person or their representative, to continue behaviour they believe is reckless, and seek further advice from a line manager
  • review how support is provided from a work health and safety perspective if support workers are affected by a decision
  • record the reasoning behind risk management decisions, including background, decisions, issues and solutions why some strategies were adopted and others rejected.

Breach of duty of care

  • the organisation and all workers must provide appropriate standards of care at all times
  • if a worker or the organisation is proven to have not provided the appropriate standard of care, this is a breach of duty of care
  • a breach of duty of care is any case where a worker or the organisation has done something they should not have done or failed to do something they should have done—such a breach may potentially result in harm or injury to another person and a finding of negligence
  • all suspected incidents of breach of duty of care should be investigated
  • anyone found to be in breach of duty of care will be disciplined including termination of employment.

Risk Policy questions and feedback 

If you would like a copy of this policy, or if you have any privacy questions or feedback, please contact us at:


0413 939 445


Participate OT Complaints form

Information Sharing Consent form

Incident form


The following resource applies to this policy and supporting documentation:

NDIS (Provider Registration and Practice Standards) Rules 2018