The AGPL (Affero General Public License) is a copyleft license that goes beyond the GPL: even when software is provided over a network (e.g., as SaaS), the source code must be disclosed. The current version is AGPLv3.
For an ISMS, the AGPL is particularly relevant in the context of ISO 27001 Annex A controls A.5.32 (Intellectual Property) and A.8.28 (Secure Software Development). If your organization uses AGPL-licensed components, disclosure obligations for your own source code may arise. A software bill of materials (SBOM) and a license compliance process help control this risk. Many organizations exclude AGPL-licensed software from internally developed products as a policy.