TPN CONTENT OWNER FAQs

What is the Trusted Partner Network?

The Trusted Partner Network (TPN) is a new, global, industry-wide film and television content protection initiative. The TPN helps companies prevent leaks, breaches, and hacks of their customers’ movies and television shows prior to their intended release.

Why was the TPN built?

Content is now created by a growing ecosystem of third-party vendors, who collaborate with varying degrees of security. This has escalated the security threat to the entertainment industry’s most prized asset, it’s content. The TPN program seeks to raise security awareness, preparedness, and capabilities within our industry.

What are the benefits for content owners in the TPN program?

The TPN program will provide a number of benefits to content owners, including:

  • Create a single, central global directory of “trusted partner” vendors.
  • Expand the community of approved, media & entertainment focused content security assessors.
  • Elevate the security standards and responsiveness of the vendor community.
  • Assist in identifying vulnerabilities and communicate remediation to the vendor community through the TPN Platform.
  • Increase the number of third-party vendor facilities that are assessed annually.

How will the TPN address escalating content security threats?

The TPN establishes a single benchmark of minimum security preparedness for all vendors and their teams, wherever they work, and whatever their specialty. By creating a single, global directory of “trusted partner” vendors, content companies will have access to a centralized database to learn their TPN status. 

Who is behind this new venture?

The TPN is a joint venture between two major entertainment industry associations, the Motion Picture Association of America (MPAA) and the Content Delivery & Security Association (CDSA), the worldwide leaders in third-party entertainment industry assessments.

Are there any precedents for such a program?

Other industry-wide security initiatives are well-established in finance, IT, payment processing, and healthcare. They have raised the levels of effectiveness and efficiency of their overall industry security.

Who recognizes the TPN logo / assessment?

Major Hollywood motion picture studios and many others in the industry participated in the development of this program.

What types of facilities are assessed?

Currently, the TPN is available to provide assessments of most production, post-production, and distribution operations throughout the entertainment supply chain. Your facility’s specific services will be determined and addressed during the TPN assessment process.

Will content owners still be conducting their own assessments?

The TPN is expected to greatly reduce the number of content owner-initiated and funded assessments. Content owner assessments will continue on an “as-needed” basis.

What vendors should join the TPN?

Joining the TPN is voluntary; however, every vendor – large and small – that believes that security is a core business principle of their organization should join the TPN.

Is the TPN international, and if so, where does the TPN perform assessments?

The TPN plans to serves the international community with assessors available to address facilities in most geographic regions of the world.

Who are the TPN assessors?

Individual assessors (not audit firms) will undergo a strict review and approval process as to their expertise in securing pre-release, entertainment content. Vendors will hire a Qualified Assessor from the TPN database and will schedule their assessment and manage the process via the secure online platform.

Who pays for the TPN assessment?

Assessment fees are underwritten by the vendor. Assessment reports are shared within the TPN platform and can also be shared with customers outside the TPN at the vendor’s discretion. Content owners may also opt to pay for individual TPN assessments.

How much does a TPN assessment cost?

The cost of an assessment is negotiated, on a case-by-case basis, between the TPN Qualified Assessor and the vendor making the assessment request. The TPN has no control of the pricing models of individual assessors and/or their firms.

How frequent are the TPN assessments?

Due to the dynamic nature of the content security landscape, and the ongoing development and refinement of security controls, TPN assessments renew annually.

How does a vendor get their information published in the TPN directory?

Once enrolled in the TPN Platform, the vendor(s) will have their company information, along with any authorized supporting assessment materials, published in the TPN vendor directory.

Can I “fail” a TPN assessment?

The TPN assessment does not provide a “pass/fail” grade, certification, or rating. It provides an assessment of a facility’s security preparedness for conformance with the MPAA content security best practices. If an assessment indicates non-conformance with a control or practice, any necessary remediation may be conducted by a separate but similarly approved TPN assessor. The vendor may also provide evidence of their own remediation to the TPN. The TPN also has a formal review and submission process for any assessment disputes. Assessors will be regularly measured and evaluated through the TPN Qualified Assessor Program.

Does the TPN serve any other function?

The TPN Platform will undergo ongoing development, and intends to add training courseware, security resources, and real-time security alerts.

Does the TPN assessment substitute for ISO or other standards bodies?

The TPN assessment and credential is designed to be the benchmark for the film and television industry’s handling of content across all phases of the supply chain. It is based on the widely recognized MPAA content security best practices. The TPN assessment is not a substitute for ISO or other standards bodies not specific to our industry.

Does the TPN endorse or recommend vendors?

The TPN does not endorse, recommend, or certify vendors. The TPN provides a unified, consistent framework of assessment recognized by the industry as the benchmark for content security. Upon completion of their TPN assessment, the vendor facility may display the TPN logo to show the world they participate in the TPN and strive for the highest levels of security for their client’s content.

Does the TPN endorse, evaluate, or recommend hardware or software solutions for security?

At this time, the TPN does not evaluate or address specific hardware or software solutions at the product or service level. The TPN is focused on assessments of facilities and workflows that directly handle intellectual property and programming content of creators and title rights holders.

When does this all happen?

The first class of TPN Qualified Assessors will be recruited and tested in March 2018, with Beta-testing of key vendors beginning in April 2018. Full roll-out of the TPN program is scheduled for June 2018.

Where can I find out more?

Contact your current MPAA and/or CDSA security representative for more information.