RS.MI-3: Newly identified vulnerabilities are mitigated or documented as accepted risks

Warning icon.

Subcategory is withdrawn in the next version of this framework and incorporated into: ID.RA-06: Risk responses are chosen, prioritized, planned, tracked, and communicated.

Description

[csf.tools Note: Subcategories do not have detailed descriptions.]