Depends on your risk scenario planning. But yes, it does. A full rundown of our data integrity program would exceed the tl;dr scope on Slashdot, as well as violating NDAs
In general though I'd point out that disk based vaulting technologies have advanced considerably in the last few years and if I were providing advice to someone I'd point out that there are cloud based solutions which are write-only type solutions if your risk tolerance permits the use of third parties to store your data (e.g. CrashPlan). Avamar may also be an option depending on costs and resources.
That's where the professional part of IT professional comes in. You weigh your risks and have an honest discussion with your partners on the business side without fear mongering and you all decide on what your risk tolerance is, and have those discussions regularly (hint: Google's risk tolerance was different when they were in a garage then as a publicly traded company