BOSTON, MA – June 11, 2014 — / — When it comes to deciding how best to manage information, organizations on both sides of the Atlantic seem more comfortable following conventional risk-avoidance strategies than translating that information into insight and competitive advantage. That’s one of the key findings of the 2014 Information Maturity Risk Index, a new study published by storage and information management company Iron Mountain Incorporated and PwC UK that examines how sophisticated organizations are when it comes to not only protecting information from risk but also realizing the promise of data analytics.

In the study, Iron Mountain and PwC evaluated 1,800 companies of varying sizes across North America and Europe in four key areas of their information governance programs: strategy, people, communications and security. These scores were then compiled to produce the Information Risk Maturity Index, the third annual measure of how prepared companies are to manage and respond to information risk and address other key information trends. The results, assessed for France, Germany, Hungary, the Netherlands, Spain, the United States and Canada show that the average Information Risk Maturity Index score (out of a possible 100) is 65.7 for the enterprise group (up to 100,000 employees) and 55.3 for the mid-market (250-2500 employees). In North America, enterprises come in at 65.7, while mid-market scores are at 54.5 in the mid-market; Europe finished at 66.3 and 56.1, respectively.

While the results show similar levels of risk maturity for both continents, the ability to extract value from that information is a challenge. When asked to gauge the importance of securing and protecting information versus tapping into its ability to serve as a business asset, respondents named “avoiding a data breach” (85 percent in North America, 76 percent in Europe) and “avoiding legal action or a fine for non-compliance” (79 percent and 74 percent) as their top priorities for information management. Furthermore, while 79 percent of firms surveyed in North America and 72 percent of those in Europe said they consider their information to be a business asset, only 35 percent (aggregate) employ data analysts to try and extract value from that information.

“Information can be a company’s biggest advantage, yet many organizations struggle with how to unlock its potential,” said Sue Trombley, managing director of thought leadership for Iron Mountain. “With so many regulations and standards, each of which can carry heavy penalties for non-compliance, organizations should be commended for making security and protection top priorities. The mark of a truly mature information management program comes in finding the right balance of mixing the priorities of security with the needs of the business to use information to improve operations, power innovation, open new markets and drive revenue. This forms the cornerstone of effective information governance, allowing you to find and leverage the truly valuable information that helps produce competitive advantage. This study shows that, the world over, organizations are showing a desire to balance these two priorities, yet challenges remain if they want to get to that next level of information management and governance.”

A closer look at the survey results shows that both small and large organizations on both continents are only just beginning to utilize information for competitive advantage in three key areas:

  • Innovation – Just half (51 per cent) of European firms are using information to enhance product and/or service innovation, rising to 65 per cent in North America;
  • Time to Market – Only around a quarter (21 per in Europe and 28 per cent in North America) are using information to increase their speed to market;
  • Product/Service Development – Barely one in 10 (10 per cent in Europe, 4 per cent in North America) says that information has boosted product or service development cycles.

Claire Reid, partner, PwC Risk Assurance, commented, “Businesses face the same problems everywhere. They operate in an information landscape that is defined by the increasing volume, variety and velocity of information moving through the business, and by a wide range of risks. At the same time, there is a growing expectation that businesses should exploit information to create value. Too many companies believe they understand the risks and value of information, but are frustratingly passive about doing anything about it. Your information may be the greatest business asset you have. Your customers have entrusted you with their most personal data – you cannot afford to allow information risk management to be a mere tick-box exercise.”

Those organizations seeking to better balance the priorities of security and value can start with a few basic areas to become better information managers:

  • Engage Employees – From senior leaders to everyday employees, good information management means getting everyone in organization to buy-in on the policies, processes and continuing education that underpins a successful program;
  • Monitor and Measure Mature information management programs have metrics in place to measure the effectiveness of their policies and processes, ensuring compliance with industry and regulatory standards while uncovering opportunities for cost savings and efficiency;
  • Make Information Accessible For most businesses, information assets are in the hands of the right people to safeguard them, but not of those who can extrapolate value like research and development, sales, and customer relationship teams who have the right skills to mine that information for insights that can drive revenue.

PwC surveyed senior managers at 600 European and 600 North American businesses in the mid-market segment and a further 600 firms across both continents in the enterprise; industries included legal, financial services, pharmaceutical, insurance and manufacturing and engineering. , The survey looked at four key areas: Strategy, People, Communications and Security. For the first time, the 2014 edition includes a global focus, looking at both mid-market and enterprise organizations in both North America and Europe.

A summary of the report, “Beyond good intentions: An introduction to the 2014 Information Risk Maturity Index,” can be accessed at: (registration required).

About Iron Mountain Incorporated
Iron Mountain Incorporated (NYSE: IRM) is a leading provider of storage and information management services. The company’s real estate network of over 67 million square feet across more than 1,000 facilities in 36 countries allows it to serve customers with speed and accuracy. And its solutions for records management, data management, document management, and secure shredding help organizations to lower storage costs, comply with regulations, recover from disaster, and better use their information for business advantage. Founded in 1951, Iron Mountain stores and protects billions of information assets, including business documents, backup tapes, electronic files and medical data.

Visit: for more information.

Iron Mountain
Laura Sudnik
Weber Shandwick
Katie Carbone, 617-520-7135

Source: Iron Mountain Inc.