Software level
It contains software tools extending the lifetime of information. It includes all possible integrity-control tools (for instance, transaction journals) and preventive monitoring (except hardware monitoring).
Organizational level
Here, physical and program access is divided into several levels. I would also refer to this level the Active Directory-based access to resources. This level determines who has to/allowed to do what.
If you need to protect your systems against software failure, human errors and other risks, there is nothing better than backup copy. No matter how super secure your system is, even if you have an XP Storageworks 24000, you risk a lot without regular backups. Surely there is no doubt that the probability of failure in the previous case is MUCH lower than if you would keep files on an ordinary file server. But, I suspect that the COST of such data is MUCH higher.
Backup systems can be referred to the software and organizational cross-levels. Clearly you can set up necessary for YOU (i.e. IT specialists) backup, but do businesses or users really need it? Would you be able to salvage necessary information from backups as and when required? Do you have a recovery plan in case of system failure? Is the plan drawn on paper and will it be available in case of emergency? Do you have answers to these questions?
Cluster service – hardware and software cross-level (as well as other replication systems). Distributed cluster – cross-level of all three levels (as well as any other disaster-proof system).
Any questions?