RiskKey was built with compliance in mind. However, it has powerful project management and reporting features that offer many possibilities. It can easily handle FFIEC, SOX, CobiT, HIPAA, ITIL, and any number of different controls frameworks. Although we come out of the financial institution industry and can support many compliance regulations there, we also built RiskKey extensible enough to work with other industries as well.