Knowledge is the understanding of facts, concepts, principles, theories and practices related to a specific subject or discipline. Skills are the ability to apply knowledge and use know-how to complete tasks and solve problems. According to ISO 19011:2018, the knowledge and skills of an auditor include the following:
Knowledge of audit principles, procedures and methods
Knowledge of management system standards and reference documents
Knowledge of the organization’s context, scope, processes and objectives
Knowledge of relevant legal, regulatory and contractual requirements
Knowledge of applicable industry, sector or technical disciplines
Knowledge of risk management and risk-based thinking
Skill in collecting and verifying information
Skill in evaluating conformity and effectiveness of management systems
Skill in reporting and communicating audit results
Skill in managing audit activities and teams
Based on this, the activities that are predominately related to knowledge are designing a checklist and determining what evidence to gather, as they require the auditor to understand the audit criteria, scope, objectives and methods, as well as the organization’s context, processes and risks. The other activities are more related to skills, as they involve applying knowledge and using know-how to perform tasks and solve problems during the audit.
References:
ISO 19011:2018, Guidelines for auditing management systems, clauses 7.2.1, 7.2.2 and 7.2.3
PECB Candidate Handbook - ISO 27001 Lead Auditor, pages 9-10 and 16-17
ISO 9001 Auditing Practices Group Guidance on: Auditing Competence, pages 2-3 and 8
Submit