TPN Gold Shield vs. Blue Shield: What Studios Actually Need

Two Tiers, One Clear Answer

The Trusted Partner Network (TPN) has two certification tiers: Gold Shield and Blue Shield. If you work with major studios or streaming platforms — Netflix, Disney, Warner Bros., Apple TV+, Amazon — the question of which tier you need isn't complicated.

You need Gold Shield. Full stop.

Blue Shield exists, but it won't get you in the door with any major buyer. Here's what each tier actually means and how to think about the path to certification.

What Is TPN Blue Shield?

Blue Shield is a self-assessment tier. A facility seeking Blue Shield completes the MPA Content Security Best Practices questionnaire on their own — no third-party auditor, no independent verification of their answers.

Blue Shield was designed as a stepping stone: a way for vendors to signal they're actively working toward MPA compliance before they've completed a full audit. It costs less and takes less time than Gold Shield because no assessor is involved.

The catch: major studios and streaming platforms don't accept Blue Shield as proof of compliance. Blue Shield tells them you've reviewed the checklist and believe you're mostly compliant. It doesn't tell them a qualified third party verified it.

For most facilities, Blue Shield is a transitional state — useful for documenting progress internally but not sufficient for studio or streamer relationships.

What Is TPN Gold Shield?

Gold Shield is the full certification. A TPN-approved third-party assessor conducts an on-site and remote audit against the complete MPA Content Security Best Practices framework. If you pass, your facility is listed in the TPN Marketplace as Gold Shield certified — publicly searchable and accepted by all major buyers.

Gold Shield tells Netflix, Disney, and Warner Bros. that an independent assessor has verified:

Gold Shield must be renewed annually. The annual renewal audit is typically lighter than the initial certification audit, but it's still a third-party assessment.

The Certification Process at a Glance

Getting to Gold Shield involves several phases:

1. Gap Assessment

An internal review (or consultant-led assessment) that maps your current state against the MPA controls. The output is a prioritized gap list — what you have, what you're missing, and what it will take to fix it.

2. Remediation

Implementing the missing controls. This usually involves network changes, access control configuration, physical security upgrades, and policy documentation. The documentation piece is often underestimated — the MPA framework requires written policies and procedures, not just technical controls.

3. Pre-Audit Readiness

A mock assessment before the real audit. This step catches remaining gaps and prepares your team for assessor interviews and walkthroughs. Facilities that skip this step often fail their first audit on documentation issues.

4. Third-Party Audit

The formal assessment by an MPA-approved TPN assessor. The assessor reviews your documentation, conducts a facility walkthrough, interviews staff, and tests controls. Duration depends on facility size — typically 1–3 days on-site.

5. Gold Shield Listed

Once the assessor confirms all required controls are in place and submits their report to TPN, your Gold Shield listing appears in the TPN Marketplace. Studios and platforms can search and verify your status directly.

How Long Does Gold Shield Take?

Timeline depends on your starting security posture. Facilities with no existing MPA controls typically need 90–120 days to reach Gold Shield. Facilities with some existing controls in place often move in 60–75 days.

The remediation phase is usually the longest — infrastructure changes, network segmentation, and policy documentation take time. The audit itself is fast once you're ready.

The mistake most facilities make is underestimating how long the documentation work takes. The MPA framework requires written policies covering dozens of areas: incident response, access management, media handling, clean desk, visitor procedures. Many facilities have good controls in practice but nothing written down. Getting it documented takes weeks.

What Does TPN Certification Cost?

The third-party assessor fee is typically $8,000–$20,000 depending on assessor, facility size, and scope. This is the non-negotiable cost — the audit can't happen without a TPN-approved assessor.

Infrastructure remediation varies enormously. A facility that already has strong network segmentation, managed firewalls, and access control logging will spend far less than one starting from scratch. Expect infrastructure costs to range from $15,000 to $100,000+ depending on your gap list.

Policy documentation and consultant support typically adds $10,000–$25,000 for a full engagement.

The annual renewal audit is usually less expensive than the initial audit — approximately $5,000–$12,000 — since the assessor is verifying continued compliance rather than auditing from zero.

Do You Need TPN If You Only Work with Independent Studios?

TPN certification requirements vary by buyer. Major studios and streaming platforms with global distribution networks require it universally for vendors handling pre-release content. Smaller independent studios and production companies may not formally require TPN but often prefer working with TPN-certified facilities because it reduces their own liability.

As TPN adoption grows, the expectation is spreading beyond the majors. Independent studios that want to graduate to streamer and major studio work increasingly require their vendors to be TPN-certified before those relationships begin.

Getting certified before a major buyer requires it is always easier than getting certified under a deadline to preserve an existing client relationship.

Working with a TPN Consultant

Many facilities pursue TPN certification on their own. The gap assessment, remediation, and documentation work is manageable — but it takes significant internal time and requires someone with a strong working knowledge of the MPA framework.

Working with a TPN consultant speeds up the process by concentrating that knowledge externally. A consultant who has been through multiple TPN audits knows where assessors focus, which documentation gaps cause failures, and what "good enough" looks like for each control category.

For most facilities, the time savings and risk reduction of working with an experienced consultant more than offset the consulting cost.

Summary

If you're working with or pursuing major studio and streamer clients, Gold Shield is the only path forward. Blue Shield is a useful internal milestone but not a certification any major buyer will accept as sufficient.