PS and QC GoodPractices


For more than thirty years, the Motion Picture Association of America, Inc.
(MPAA) managed facility safety surveys for
Account of Member Companies (Members):

Walt Disney Studios Motion
Pictures, Paramount Pictures Corporation, Sony Pictures
Entertainment Inc., Twentieth Century Fox Film Corporation,
Universal City Studios LLC and Warner Bros. Entertainment Inc.

As of 2007, these analyzes have been performed using
standardized survey, processing and reporting templates. From
back then, 300 plants spread across 32 countries were examined.

MPAA is committed to protecting the rights of content creators of
entertainment for audiences around the world. From the creative arts
to the software industry, an increasing number of people
around the world he earns his living by harnessing the power of
own ideas.

This means that many people are trusting more and more
in the protection of intellectual property rights and in
recognition of these safeguards as the foundation for one
healthy global information economy.

The purpose of the MPAA Facilities Security Program is
strengthen the process by which the contents of its Members
are protected during the production, post-production,
marketing and distribution. This result is obtained:

  • Publishing a set of good practices for services of a
    facility that outline the standard controls that allow you to
    protect a Member’s content;
  • Evaluating the security of content with third-party partners
    parts based on published good practices;
  • Strengthening the importance of the security of the contents of
    Members; is
  • Providing a standard survey means for further
    individual discussions regarding the security of the content
    between a Member and its business partners.

Risks must be identified through a risk assessment,
therefore appropriate controls must be implemented to reduce the
risk at an acceptable level and ensure the achievement of
commercial objectives.

The ISO (International Organization for Standardization) 27000 standard
defines risk as the “combination of the probability of an event
and its consequences.

“For example, what is the probability that i
content can be stolen from a plant’s network and disseminated
publicly and what the commercial consequences of that would be
event for an organization and the customer (eg, violation
contractual and / or loss of earnings for the publication window

The importance of a reliable management system is also highlighted
in the ISO 27001 standard, which shows how to define a system
ISMS (Information Security Management System, management system
information security).

The IT Governance Institute defines controls as “political,
procedures, practices and organizational structures designed to provide a
reasonable assurance of achieving the commercial objectives and of
prevent or detect and correct any unwanted events. “In
security checks are usually selected based on the
classification of the resource, its value for the organization and
risk of this asset being lost or stolen