RS.MI-3: Newly identified vulnerabilities are mitigated or documented as accepted risks

Description

[csf.tools Note: Subcategories do not have detailed descriptions.]