(1) An accreditation authority that requires a compliance audit may (a) engage a biosecurity auditor to perform the audit; or(b) direct the audit target to engage a biosecurity auditor to perform the audit and specify requirements relating to (i) the engagement of the biosecurity auditor; and(ii) the scope of the compliance audit to be performed.(2) An accreditation authority that requires the compliance audit may only direct the audit target to engage a biosecurity auditor under subsection (1)(b) if the audit target is (a) a registered entity; or(b) a biosecurity certifier; or(c) a biosecurity auditor; or(d) an accreditation authority other than the Secretary; or(e) the holder of an individual permit; or(f) a person who has the benefit of a group permit; or(g) a person who has given a biosecurity undertaking; or(h) an entity responsible for preparing a draft biosecurity program under Division 1 of Part 9 ; or(i) a person who has entered into a biosecurity control agreement; or(j) a prescribed person, or prescribed class of persons.