- of
Nearly half of respondents (45%) said their company didn't have a formal information retention program.
Why not?
(percent respondents with no formal information retention program)
Lack of need (41%)
Too expensive (38%)
No clear responsible party (27%)
No time (26%)
Lack of expertise (21%)
On average, respondents said they answered 63 legal, compliance or regulatory requests for digital information in the past year.
On average, IT staff spent 66 hours finding the requested information.
Most requested data by type
(percent respondents):
Documents and files (67%)
Database or application data (61%)
Email (51%)
Sharepoint files (51%)
Social media (44%)
Text messaging (44%)
The top three consequences cited for failing to meet requests for information
(percent respondents):
Reputation damage (42%)
Fines (41%)
Compromised legal position (38%)
Only 17% of respondents said they were "extremely confident" in their readiness to respond to information requests.
Preparing for an information request
Step 1: Create a records and information management (RIM) program.
Preparing for an information request
Step 2:
Periodically delete information according to your RIM. 20% of companies keep data forever. They shouldn't.
Preparing for an information request
Step 3:
Use backup for recovery, use archiving for discovery
Preparing for an information request
Step 4:
Deploy advanced legal hold processes and risks.
Preparing for an information request
Step 5:
Conduct litigation readiness exercises to determine exposure areas and formulate a prioritized remediation plan.
Preparing for an information request
Step 6:
Know what electronically stored information you have and where it lives, including text messages, social media and data in the cloud.
IT Management 
8 Reasons Microsoft Still Matters to the Enterprise
What Your Employees Would Give Up to Telecommute
CIO Quiz: Test Your Finance Smarts
The 10 Hottest IT Certifications
Make 8 Popular Performance Tools Work for You
Ten Enemies of Innovation
