Very good questions. I too would like to see good answers from people who know more about this than I do. :-)
3. If the key is lost, we've effectively lost all of our backups
Precisely, which is why many or most people don't use encrypted backups.
One possible way to go is to build a couple of "lifeboats", i.e. packages with install media, usernames and passwords for essential systems like backups, Active Directory and others (i.e. the stuff you need to load a backup if the main site has been completely destroyed in a fire, but not the backup data itself). You should store these lifeboats securely off site, for example in a bank vault, or in a high-security safe in a remote office with an alarm system. And lastly, document this, so that others can figure out how to use the lifeboats after you've left the company, if needed.
4. Should the key change regularly? Once per year? What is the best practice?
From a practical point of view, I would say to not change the keys, since it quickly becomes unmanageable if you do. If you're worried about backup security not being good enough, then beef up physical security around your tapes, by using a service such as Iron Mountain, or by building a storage system with good physical security yourself.
Lastly: I would prefer to have all encryption & backup handling in one system, so there is less risk of recovery not working. By this I mean to use the built-in encryption in software like Retrospect or Backup Exec, rather than drive-level encryption.
Best Answer
The stenc project should be useful (haven't personally tested that) -- http://sourceforge.net/projects/stenc/