TPN Certification - Is it necessary? Know Why And How?

What Is TPN?

TPN, Trusted Partner Network, is the initial content protection accreditation for the film and television industry that helps companies assure their clients regarding the prevention of leaks, hacks, and breaches of movies, videos, or shows before decided release dates. TPN becomes necessary to make customers believe in the raised security in all aspects.

Trusted Partner Network assessment is the security audit where your entire integrated system and ongoing workflows, such as management system, physical space, security (physical and digital), etc, are inspected thoroughly for conformance with the best MPA practices by the licensed Assessor. It is designed to provide a brief generated report to MPA, ACE, and CDSA member studio content owners stating ISMS execution, control practices, business and risk management approach, and remedies for future conformance.

Why did TPN come into existence, and why is it needed?

As far of now, content for short films, movies, and shows is created by the growing ecosystem of third-party vendors who collab with different security degrees. It has increased the threat of leaks and breaches of the most valuable asset of the studios - CONTENT. The TPN certification is about raising security awareness and capabilities within the industry.

The TPN creates a solitary benchmark of least security preparedness for all vendors and their groups at any place they work and their expertise. By making a solitary, worldwide catalog of "trusted partner" sellers, content organizations will approach the important data set to gain proficiency with their TPN status.

It is much needed by VFX Studios that offers numerous benefits such as -

• Gains the trust of vendors and customers regarding security

• Seeks to raise security against data threats

• Get the centralized directory as a Trusted Partner vendor.

• Extend the security standards of the vendor community

• Increase the number of third-party vendor projects assessed.

Is there any benefit of the TPN Program to Vendors?

Here is a list of advantages TPN provides to vendors, such as -

• Decrease the assessment count conducted at every facility.

• Decrease various controls utilized by different content owners.

• Get stand out in the competitive market with the suitable quote

• Enable promotion of security preparedness And many more.

Joining TPN is a good step where every vendor, be it large or small, believes security is the core business principle of their firm.

How much is the cost of the TPN Assessment?

Checking the price of the assessment depends on varied cases and factors. There are no pricing models defined for the individual assessors or their companies. It is the done deal between TPN Assessor and the vendor making the request. Cost varies with the type of firm, types of projects they are working on, services offered by studio owners, physical space, types of clients they have, database features, etc. For more details, visit www.ttpn.org/about/faqs.

How to join TPN?

A short but thorough procedure has to be followed to join the TPN program and get certified for security preparedness -

Step 1:

Go to the Vendor assessment request tab in the TPN Platform. For this, visit www.ttpn.org.

Step 2:

Fill out the form with all your basic company information accurately.

Step 3:

After clicking on submit, you will receive an email confirmation stating that you will receive the questionnaire shortly.

Step 4:

Once you receive a questionnaire, you will be asked to submit some documents to evaluate your company and can proceed with an on-site review.

Step 5:

Before the on-site review, the assigned assessor will ask you to keep documents ready which are needed at a time to inspect your space as per requirements.

Note - Onsite assessments involve a site visit during which an assessor physically inspects and evaluates a vendor’s facility and are typically requested for facilities handling pre-theatrical content or sensitive assets addressed early in the distribution cycle. Step 6: If your services/work are after the release cycle or the selected phase is post-theatrical, then you have the option to avail remote review/ telephonic interview session.

Step 6:

If your services/work are after the release cycle or the selected phase is post-theatrical, then you have the option to avail remote review/ telephonic interview session.

Step 7:

After the complete assessment by the approved assessor, the report draft is sent to TPN for quality control which takes around two weeks of time.

Step 8:

If any non-compliance is received by any means for your area, there will be the remediation list provided by the team with the ten working days time duration given for fixing the issues they caught up.

Step 9:

Once everything gets cleared, the vendor will have their company enrolled with authorized supporting assessment materials in the directory of the TPN vendor. Step 10: Vendor portal credentials also will be shared with the vendor through which they can log in to the portal using 2-factor authentication.

Can anyone ‘Fail’ a TPN Assessment?

The TPN evaluation doesn't give a "pass or fail" grade, certificate, or rating. It gives an evaluation of security preparedness for conformance with the MPA content security best practices. In case an evaluation shows non-conformance with control or practice, any important remediation might be directed by a different, however, correspondingly approved, TPN assessor. The merchant may likewise give proof of their own remediation to the TPN. The TPN likewise has a proper survey and accommodation process for any evaluation debates. Assessors will be routinely estimated and assessed through the TPN Qualified Assessor Program.

And the good part is that VANI software works well for TPN-certified firms and vendors without any compliance. It does not imply any obstacle in the security of data as necessary.