Frameworks Templates Glossary Examples Get a Demo

Home/Frameworks/SOC 1

SOC 18

AICPA SSAE 18 (AT-C 320) attestation on a service organization's controls relevant to user entities' internal control over financial reporting.

Requirements in this framework

Complementary subservice organization controls
Control design documentation
Control objectives for financial reporting
Exception and remediation governance
Operating effectiveness evidence
Scope boundary and system description accuracy
Testing exception evaluation and reporting
User entity control considerations

DAYDREAM

Third-party risk management and vendor compliance automation for modern teams.

Resources

Frameworks
Templates
Glossary
Examples
Comparisons
Alternatives

Company

daydream.ai
Request Demo

© 2026 Daydream. All rights reserved.