top of page
9d3347_5f5df953b1934257b8b76d3503203caemv2.png

TPN Assessment

The Trusted Partner Network (TPN) is an industry-wide cybersecurity initiative, securing movie, film, TV, broadcast, and game content. TPN assessments audit service providers' cybersecurity measures for compliance with MPA Content Security Best Practices, facilitating business success and trust. Join TPN to simplify bidding processes and assure clients of your security commitment.

TPN

TPN: An Introduction

The Trusted Partner Network (TPN) is a global, industry-wide movie, film, television, broadcast, and game cybersecurity content protection initiative. The TPN helps service providers prevent leaks, breaches, and hacks of their customers’ movies and television shows prior to their intended release date and seeks to raise security awareness, preparedness and capabilities within the industry. The TPN is owned and operated by the Motion Picture Association.

MPA Content Security Best Practices

The MPA Content Security Best Practices (MPA CSBP) is an Information Security Management System (ISMS) control framework derived from and mapped to AICPA TSC 2017, CSA CCM v4.03, ISO/IEC 27001:2022, ISO/IEC 27002:2022, and NIST 800-53 Rev. 5. MPA CSBP is industry-specific and is designed to be of use by any organisation that is engaged in the Media and Entertainment (M&E) industry supply chain. The framework can be used standalone or blended with other ISMS or risk management regimes including ISO/IEC 27001:2022, NIST CSF 1.1, ITIL v4, and COBIT 2019.

What is a TPN Assessment?

TPN Assessment is a cybersecurity supply chain audit aimed at service providers (a.k.a. vendors) where your business' ISMS implementation, risk management philosophy, physical security, digital security, cloud security, software development practices, and secure content handling workflows are benchmarked for conformance with the MPA CSBP. The assessment process is designed to deliver a comprehensive risk and control treatment report to MPACDSA, and ACE member studio content owners including Walt Disney Studios, Sony Pictures, Netflix, Paramount Pictures, Warner Brothers Entertainment, and Universal Pictures detailing your ISMS implementation, approach to risk and business continuity management, framework control implementation, control treatment, and to identify areas of non-conformance for remediation. The need to comply with the MPA CSBP is strictly voluntary. TPN Assessments are voluntary. TPN is not an accreditation program. TPN Assessments are managed via the TPN+ Portal.

How does a TPN Assessment help my business get work?

The completion of TPN Blue Shield and TPN Gold Shield Assessments will make it dramatically easier for your business to bid successfully for work on projects as one of the key barriers to entry has been removed. Specifically, you have demonstrated that you have a working cybersecurity compliance program in place and have had that program independently audited.

​

If your business intends to bid or work on any movie, film, TV, broadcast, or game projects that are offered by an MPA, CDSA or ACE member studio then you will generally be required to undertake a cybersecurity assessment. Cybersecurity assessments are often conducted directly by the studios themselves. This might be sufficient for your business compliance needs if you only intend to work for one or two studios directly.

 

Alternatively, your business can join the TPN and complete a cybersecurity assessment independent of the studio's content security programs. The advantage of this is that TPN Assessments are recognised industry-wide, by all content owners and other service providers participating in the M&E supply chain. Once you have joined the TPN, you can commit to undertaking a TPN Blue Shield self-attestation assessment. Once that is complete you can then commit to completing a TPN Gold Shield assessment which is conducted by an independent third-party TPN Assessor.

​

The completion of Blue Shield and optionally Gold Shield assessments shows that your business has a demonstrable cybersecurity posture and is committed to secure content handling workflows that meet M&E industry best practices. This in turn provides a level of confidence to your clients and content owners that not only are you likely to deliver exemplary work, but their content is safe and unlikely to be leaked, lost, or stolen.

formkit_arrowright.png
formkit_arrowright.png

So how do I get assessed?!

Group 53.png

Join the TPN

Group 54.png

Pay the annual membership fee

formkit_arrowright.png
Group 58.png

Complete the Gold Shield Assessment

formkit_arrowright.png
Group 17.png

Contact a TPN Assessor and get a quote for your Gold Shield Assessment

Group 16.png

Complete the Blue Shield Assessment

If you require further assistance or have questions, then please contact us.

formkit_arrowright.png
Abstract Sphere

Have questions? Ready for TPN Gold Shield Assessment?

How can we help?

Assessment
Preparation

We can help you prepare for assessment to ensure your business meets ISO 27001 or MPA Content Security Best Practices with our Readiness and Gap Analysis.

Policy


Templates

Get access to Cybersecurity Policy templates to get you started whether you are a start-up facility or need to refresh your current policies for your audit / assessment.

TPN Gold
Assessment

Onsite TPN Gold Shield Assessment and ISO/IEC 27001 assessment where we audit your facility or organisation by one of our Accredited Assessors.

Assessment
Remediations

We work with you to rectify any shortcomings observed in your cybersecurity posture as a result of your TPN Assessment or ISO/IEC 27001 audit.

How are we different and Why choose us

Our Assessors are industry veterans who have worked on multiple shows and have the screen credits to prove it. Having done many assessments we understand the complexity of cybersecurity, risks involved in operating a facility and handling vendor content. We can work with you to navigate through the TPN assessment and audit process and requirements to bring you a more seamless, stress free, easy and cost effective result.

Assessment Preparation/Gap Analysis

Have you been requested a Cybersecurity (TPN or ISO/IEC 27001) assessment by any of the studio content owners including Disney, Netflix, Warner Brothers, Sony, Paramount, Bad Robot, Amazon, HBO and Marvel and not sure how to be prepared? We can assist you with assessment preparation, readiness and gap analysis, security policies and engineering services to ensure your facility meets the MPA Content Security Best Practices prior to commencing an assessment.

TPN Gold Shield Assessment

We work with you to rectify any shortcomings observed in your cybersecurity posture as a result of your TPN Gold Assessment or ISO/IEC 27001 Audit.

Assessment Remediation

We work with you to rectify any engineering or policy shortcomings observed in your cybersecurity posture as a result of your Assessment.

Contact Us

Thanks for submitting!

Abstract Sphere

Service Regions

Australia | New Zealand | UK | USA | Canada | Japan

India | Philippines | Malaysia | Singapore

Thailand | Vietnam | New Caledonia | Vanuatu | Fiji

Why work with us?

Our Assessors are industry veterans who have worked on multiple shows and have the screen credits to prove it. Having done many assessments we understand the complexity of cybersecurity, risks involved in operating a facility and handling vendor content. We can work with you to navigate through the TPN assessment and audit process and requirements to bring you a more seamless, stress free, easy and cost effective result.

Cybersecurity Services

Consulting, Advise & Training

Don't know where to begin? We are here to help you proactively protect your business against advanced cybersecurity threats. We can advise you on how to go about securing your enterprise, audit your existing networks and systems and work with you to develop security awareness and incident response training programmes.

Governance, Risk & Compliance

Do you have a corporate wide strategic plan to meet your cybersecurity objectives? Are you aware of cyber risks within your organisation? Do you need to meet necessary security compliance in order to operate legally or obtain cyber insurances? We can help you implement and maintain a cybersecurity framework that will form the cornerstone of you corporate cyber governance.

Cyber Architecture & Engineering

We are continually on the lookout for the newest technologies and best-of-breed tools in order to architect and build secure networks and systems. We can architect and design solutions to meet your needs incorporating solutions to cover CIS-20ASD's Essential Eight and OWASP Top 10:  Network Inventory, Asset Discovery, Application White-listing, Continuous Vulnerability Assessment & Remediation, EndPoint Protection, Backup and DR, Centralised Logging & SIEM, Secure WiFi, Secure VPN + 2FA, Mobile Device Management, Secure Programming

TPN & ISO/IEC 27001 Assessment, Readiness & Gap Analysis

The Trusted Partner Network is a global film and television content protection initiative established as a joint venture between the MPA and CDSA. We offer TPN auditing and consulting services, including AssessmentPreparation, Pre-Assessment Engineering. Onsite Assessment, Post-Assessment Remediation, Post-Assessment Engineering. We can also assist you in implementing the MPA Content Security Best Practices based on your facility type and content handling methods.

TPN - Trusted Partner Networks
Frequently Asked Questions

9d3347_5f5df953b1934257b8b76d3503203caemv2.png

Have questions about how Assessments & Audits work?

shutterstock_2206524703.jpg

GRC Policy Starter

MPA Content Security Best Practices aligned Security Manual
10 Policy Templates
ISMS Implementation Guide

bottom of page