The MPA has established a set of best practices for securely storing, processing, and delivering protected media and content based on ISO and other security standards as well as industry best practices. These best practices are documented in "Content Security Best Practices – Common Guidelines" and "Content Security Best Practices – Application and Cloud/Distributed Environment Security Guidelines."
The former consists of 3 modules (management system, physical security, and digital security), 7 security areas, 49 security topics, and 261 control items, and the referenced standards include ISO 27001, ISO27002, NIST, CSA, ISACA, and SANS.
The latter consists of 2 modules (application security and cloud security), 6 security topics, and 69 control items, and the referenced standards include ISO 27001, ISO27002, OWASP, CSA, PCI DSS, NIST800-54, and SANS.