The new ISO 27701 standard was designed to help organizations reconcile various regulatory requirements, including those of the GDPR, into a universal set of operational controls. In theory, audit and certification of ISO 27701 can be considered sufficient evidence of compliance. It promises great operational efficiency in regulatory compliance. Is this expectation too good to be true or a reachable goal? The panel will consider, among others, the following issues and questions: