Soonwon Park and John D. Hastings of The Beacom College of Computer and Cyber Sciences, Dakota State University, have produced a paper on how Compliance is enforced across a range of GRC standards.

The paper specifically focuses on PCI DSS, HIPAA, NIS2, and GDPR and how the individual standards are enforced and how the enforcement impacts the level of compliance across those organisations that are impacted.

With dozens of references it is a great source of research for those who are looking for support when it comes to justifying compliance budgets as well as the organisations that support, assess and audit the standards.

The six page document can be found here.