A copyleft license is an open-source license that requires derived works to be released under the same or a compatible license. The source code must be disclosed. Well-known copyleft licenses include GPL, LGPL, and AGPL.
In an ISMS context, copyleft is relevant to ISO 27001 Annex A controls A.5.32 (Intellectual Property) and A.8.28 (Secure Software Development). If your organization incorporates copyleft-licensed libraries into its own software, disclosure obligations for your source code may arise — with potential impact on trade secrets and competitive advantages. A license compliance process supported by SBOM analysis and license scanners (e.g., FOSSA, Snyk, ScanCode) is the countermeasure.