So the recommended steps subject to public consultation are:
1.  know your transfers - by data mapping;
2.  verify the transfer tool your transfer relies on (adequacy decision or SCC etc);
3.  assess if there is anything in the third country that may impinge on the effectiveness of the safeguards of the transfer tools;
4.  identify and adopt supplementary measures (ties in with step 3);
5.  take the formal procedural steps your supplementary measures require; and
6.  re-evaluate at appropriate intervals the level of protection afforded to the data transferred to third countries etc.  

While I would expect steps 1 and 2 to be fairly straight forward, steps 3, 4 and 5 may potentially be quite onerous, and will require transferors to do due diligence for overseas jurisdictions to which they intend to transfer the personal data.