Very interesting post!

Regarding the « acceptable » latency in Startup/logon times
You only use helpdesk calls as benchmarking reference  ? I expected that you use script to gather startup or logon information and draw conclusion about GPO application behavior. BTW, what is the average number of GPO applied? Is the AD team responsible for that or is is a cross-team task to evaluate, design and implement GPOs?

Regarding DNS Service
I suppose that MS IT use AD-integrated zone(s). How do you take it into account when it comes to DC placement and DNS service availability?