Unfortunately, that guidance still doesn't provide specific, actionable advice in even a lot of everyday areas, as we've seen in just about every HN discussion on the GDPR in recent weeks when recurring themes like backups or log files or payment processing services come up.

Also, having "fucking reams of advice" is not a good thing. To be practically useful for the kind of organisation we're talking about, advice needs to be clear and concise. A starting point that will take days just to read through and understand isn't very helpful.