Governance Report
Extra Space Storage prioritizes robust corporate governance to drive long-term stockholder value, reinforce management accountability, and uphold public trust. We encourage open communication and positive working relationships among the members of our board. Our directors maintain regular access to and engagement with senior management and other employees. We actively seek stockholder input through ongoing engagement programs, including connecting with our large stockholders annually, and hosting quarterly earnings calls open to all. We have implemented governance enhancements based on stockholder feedback and regularly refresh our board to increase independence and to ensure a wide range of backgrounds and experience. We believe these collective actions establish a governance framework that effectively reflects our stockholders' perspectives.
- Separate Chairman and Chief Executive Officer roles.
- Independent Lead Director and independent director-led committees: Audit, Compensation, and Nominating, Governance & Corporate Responsibility.
- Whistleblowing and whistleblower protection policy in place.
- Nine of ten directors are independent.
- Annual evaluations of the board and its committees.
- Policy on recoupment of incentive compensation (clawback policy).
- Annual election of all directors with majority voting in uncontested elections.
- Double-trigger provisions upon a change in control.
- Stockholders have the ability to amend bylaws.
- Regular succession planning and a strong mentoring culture.
- Proxy access provisions in the bylaws.
- No employment agreements with officers.
- Data protection and privacy policy are in effect.
- No stockholder rights plan (poison pill).
- Annual advisory vote to approve executive compensation.
- Quarterly and annual review of the enterprise risk management plan and performance.
- Robust stock ownership guidelines for directors and executive officers.
- Prohibition against hedging and stringent limitations on pledging for officers and directors.
- Policy on political and charitable contributions.
- 2025 Annual Meeting
- 97.6% average approval of Board of Directors
- 94.0% approval of Executive compensation
Human Rights
Respect for human rights is fundamental to our company values and how we conduct our business. We actively engage with stakeholders to address human rights issues connected to our business and the communities we operate within.
Our detailed Human Rights Policy is available at: ir.extraspace.com/sustainability.
Code of Conduct
Extra Space Storage has a Code of Business Conduct and Ethics that is signed by all directors, officers, and employees, and is reviewed annually by all employees.
Our code of conduct can be found here.
Cybersecurity
Our company has a dedicated team of cybersecurity professionals who continuously monitor risks related to cybersecurity. We have a dedicated VP of information security and compliance leading the team and they are responsible for guiding enterprise-wide cyber resilience strategy, policy, standards, architecture, and processes. We have a cybersecurity steering committee that meets at least yearly and has representation from both executive management and the board of directors. Cybersecurity status and roadmap progress are presented to the board on a quarterly basis. To identify and address potential information security risks, we use a defense-in-depth methodology that employs multiple, redundant defensive measures and outlines actions to take in the event of a security control failure or vulnerability exploitation. To protect our company from cybersecurity threats, we utilize a combination of internal resources and external partnerships. Our partnerships provide services such as penetration testing, incident response, and third-party assessments. In addition, we use a combination of both proprietary and commercial solutions to proactively manage and mitigate threats to our IT environment. Extra Space has not experienced a material cybersecurity breach.
Our cybersecurity infrastructure undergoes external audits as part of our Sarbanes-Oxley audit process and adheres to information security standards. We are also regularly externally audited and certified by PCI DSS, a highly respected information security standard, to ensure that we properly handle andprotect credit card data. Extra Space has created an incident response plan that is updated, reviewed, and tested at least annually. We also have policies related to other functions including the use of AI. Extra Space is compliant with applicable data privacy laws. These efforts demonstrate our commitment to maintaining the highest level of cybersecurity protection.
Our company prioritizes data protection and ensures all employees understand their role in maintaining the company’s cybersecurity. To further this goal, we have implemented a comprehensive annual security training program for our staff. This program includes mandatory computer-based training, regular internal communications, and ongoing end-user testing to assess the effectiveness of our security measures.