top of page

Risk Policy



Thrive Rehab is committed to providing and maintaining quality services, and this policy outlines how we identify and manage risks. 



This policy applies to supports and services provided to all clients. 

What is risk management?


Risk management involves identifying and managing risks.


This includes a wide range of risks including risks to the service's operation, to myself as the provider and to clients.


Risks are inevitable but risk management aims to reduce the chance of a particular event from happening. If it does happen, risk management helps to reduce its impact.


Benefits of risk management can include:

  • reduced service downtime

  • reduced loss of cash flow

  • reduced injuries or illness to clients and myself

  • increased health and well-being of clients

  • increased innovation, quality and efficiency through continuous improvement. 


Identifying risks


Risk is the combination of the likelihood (chance) of an event occurring and the consequences (impact) if it does.


Risk management aims to increase the likelihood and impact of a desirable outcome as much as possible. Risk identification is the process of finding, recognising and describing risks.


Client risk management 


Identifying risks to clients is an important part of providing supports and services.


Identifying risks to clients and regular reviews of those risks is an ongoing process.


Regular reviews help to ensure risk management strategies in place are effective and that they adequately address identified risks.


With this in mind: 

  • risk assessments for new clients must be conducted during initial assessment process

  • risk assessments for existing clients may be conducted every 12 months (at plan review) or more often if there are changes in the client's needs


Risk management should consider strategic risks. This includes identifying and managing risks related to the service achieving its business objectives.


Compliance risk management 


Ensuring the business operates within the law carries its own compliance risks. These risks must be identified and assessed under a risk management framework. Examples of compliance risks may include: 

  • unregistered and/or uninsured company vehicles

  • fulfilling reporting requirements to comply with legislation or funding agreements 

  • service provider operating outside their authority

  • activities that are outside the business' constitution. 


Compliance risks must be eliminated entirely unlike other types of risks where elimination may not be possible.


The steps to manage risks for participants are: 


  •  identify risks                    identify risks specific to each individual participant

  • assess risks                       understand how likely it is to happen and how bad it could be

  • control risks                     implement appropriate lifestyle plans to lessen the likelihood and/or amount of harm 

  • review control                  check and ensure risks are under control and there are no new risks. 


Responsibilities of service provider


We, as the service provider should: 


  • follow client risk management plans, as required

  • support clients to communicate and self-advocate if the client requests or requires support

  • assist the client, if they request or require support, to maintain a risk management plan as safety needs change 

  • inform the relevant parties (ie. NOK, support coordinator, GP, police etc) as appropriate of any changes to a client’s safety needs

  • seek support from relevant parties (as above) to manage a risk, if required

  • collaborate with relevant parties when concerns about risk management 

  • escalate to appropriate parties (as above)

  • be actively engaged to work through risk management issues

  • have a basic understanding of NDIS Quality and Safeguarding Framework

  • have a basic understanding of relevant WHS policies. 


Duty of care


Providing a duty of care to clients involves ensuring adequate care is taken to avoid injury.


When assessing activities or situations for possible injury, we should keep in mind:


  • what is already known about a client’s capacity to carry out similar activities safely

  • what is known about a client’s awareness of what risks might be involved and how to avoid them 

  • what is known about the dangers involved in the activity and whether the client can deal with them 

  • what can be learnt from relevant assessments or reports about the client’s abilities and skills. 

The client, Thrive Rehab and others important people to the client should work cooperatively to develop strategies and to identify solutions for issues that challenge duty of care for all involved and dignity of risk to client.


In order to achieve this, we must:


  • take all steps to avoid harm

  • understand the client’s capacity for making decisions about the risk being managed

  • ensure that relevant legislation, policies and procedures are part of decision-making processes

  • provide information to the client, other workers and family about any risks, duty of care obligations and the client’s right

  • to experience and learn from risk taking

  • develop lifestyle plans in consultation with the client, family, friends and support workers, and commence with the least restrictive option for the client

  • facilitate discussion with the client about the consequences of particular choices

  • communicate with the client, family or guardian at each stage of support and document all actions, communications and decisions document decisions by a client or their representative, to continue behaviour they believe is reckless

  • review how support is provided from a work health and safety perspective if support workers are affected by a decision

  • record the reasoning behind risk management decisions, including background, decisions, issues and solutions why some strategies were adopted, and others rejected. 


Breach of duty of care 


  • we must always provide appropriate standards of care

  • if it is proven that I to have not provided the appropriate standard of care, this is a breach of duty of care

  • a breach of duty of care is any case where I have done something I should not have done or failed to do something I should have done—such a breach may potentially result in harm or injury to another person and a finding of negligence

  • all suspected incidents of breach of duty of care should be investigated


Risk Policy questions and feedback 


If you would like a copy of this policy, or if you have any privacy questions or feedback, please contact us at: 


Thrive Rehab

Anita Brown-Major


The following resource applies to this policy and supporting documentation:

NDIS (Provider Registration and Practice Standards) Rules 2018 

bottom of page