Few suggestions to enhance the IT Risk Assessment form and the workflow.

1. When multiple rows are added in the scope selection section of the Risk Assessment form and a questionnaire is selected, system sends the questionnaire to the entire list of scoped items as just one assessment.

Expected - In the 'Perform IT Risk Assessment' form, when the user clicks on each row, the questionnaire should be available for assessment separately.

2. Approver field - Please make this optional. Not all groups have approval workflow in their process.

3. Assessor and approver fields - Please make these multi select.

Suggestion - Maybe a plan form similar to ERM plan form could be built in IT Risk app for distribution of assessments.