Finally, the last word, mine. Voice over IP has the same issues as running any other application using the TCP/IP stack. Ports are used to exchange data packets that are running over the same telecommunications lines as computer data. The same security measures (firewalls, IDS, DMZ, etc.) have to be used along with some form of encrypting the data. Otherwise, someone else will listen to that call, record that call and maybe break into your computer infrastructure. Also, when/if you do use Voice over IP, have a security company assess that system after it's installed for security holes.
For more information on VoIP, visit these other SearchSecurity.com resources.