You've received the letter from the Business Software Alliance (BSA), the Software & Information Industry Association (SIIA) or some other software trade group or vendor, having been "turned in" anonymously by a former employee. You've decided to voluntarily audit your software, and learned that you have some unauthorized software on your servers. You report this to the software-owning entity. Now what? How much is owed for the asserted copyright infringement?
The answer will often depend, in large part, on why the unauthorized software is present, and the knowledge of those who put it there and of management. Nonetheless, there are a few common themes of which business owners should be aware.