diff --git a/PyRIGS/settings.py b/PyRIGS/settings.py
index 6a40a352..a41ad2c9 100644
--- a/PyRIGS/settings.py
+++ b/PyRIGS/settings.py
@@ -11,6 +11,7 @@ https://docs.djangoproject.com/en/1.7/ref/settings/
 # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
 import os
 import raven
+import secrets
 
 BASE_DIR = os.path.dirname(os.path.dirname(__file__))
 
@@ -235,3 +236,5 @@ TERMS_OF_HIRE_URL = "http://www.nottinghamtec.co.uk/terms.pdf"
 AUTHORISATION_NOTIFICATION_ADDRESS = 'productions@nottinghamtec.co.uk'
 RISK_ASSESSMENT_URL = os.environ.get('RISK_ASSESSMENT_URL') if os.environ.get(
     'RISK_ASSESSMENT_URL') else "http://example.com"
+RISK_ASSESSMENT_SECRET = os.environ.get('RISK_ASSESSMENT_SECRET') if os.environ.get(
+    'RISK_ASSESSMENT_SECRET') else secrets.token_hex(15)
diff --git a/RIGS/migrations/0034_event_risk_assessment_edit_url.py b/RIGS/migrations/0034_event_risk_assessment_edit_url.py
new file mode 100644
index 00000000..d60cd4bd
--- /dev/null
+++ b/RIGS/migrations/0034_event_risk_assessment_edit_url.py
@@ -0,0 +1,18 @@
+# Generated by Django 2.0.5 on 2019-07-28 21:28
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('RIGS', '0033_auto_20180325_0016'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='event',
+            name='risk_assessment_edit_url',
+            field=models.CharField(blank=True, max_length=255, null=True),
+        ),
+    ]
diff --git a/RIGS/models.py b/RIGS/models.py
index a4eaffad..2c708851 100644
--- a/RIGS/models.py
+++ b/RIGS/models.py
@@ -338,6 +338,9 @@ class Event(models.Model, RevisionMixin):
     auth_request_at = models.DateTimeField(null=True, blank=True)
     auth_request_to = models.EmailField(null=True, blank=True)
 
+    # Risk assessment info
+    risk_assessment_edit_url = models.CharField(max_length=255, blank=True, null=True)
+
     # Calculated values
     """
     EX Vat
diff --git a/RIGS/rigboard.py b/RIGS/rigboard.py
index 0bae9940..e6112b31 100644
--- a/RIGS/rigboard.py
+++ b/RIGS/rigboard.py
@@ -18,6 +18,7 @@ from django.core.exceptions import SuspiciousOperation
 from django.db.models import Q
 from django.contrib import messages
 from django.utils.decorators import method_decorator
+from django.views.decorators.csrf import csrf_exempt
 from z3c.rml import rml2pdf
 from PyPDF2 import PdfFileMerger, PdfFileReader
 import simplejson
@@ -84,6 +85,10 @@ class EventRA(generic.base.RedirectView):
     permanent = False
     def get_redirect_url(self, *args, **kwargs):
         event = get_object_or_404(models.Event, pk=kwargs['pk'])
+
+        if event.risk_assessment_edit_url:
+            return event.risk_assessment_edit_url
+
         params = {
             'entry.708610078': f'N{event.pk:05}',
             'entry.905899507': event.name,
@@ -400,3 +405,26 @@ class EventAuthoriseRequestEmailPreview(generic.DetailView):
         })
         context['to_name'] = self.request.GET.get('to_name', None)
         return context
+
+@method_decorator(csrf_exempt, name='dispatch')
+class LogRiskAssessment(generic.View):
+    http_method_names = ["post"]
+
+    def post(self, request, **kwargs):
+        data = request.POST
+        shared_secret = data.get("secret")
+        edit_url = data.get("editUrl")
+        rig_number = data.get("rigNum")
+        if shared_secret is None or edit_url is None or rig_number is None:
+            return HttpResponse(status=422)
+
+        if shared_secret != settings.RISK_ASSESSMENT_SECRET:
+            return HttpResponse(status=403)
+
+        rig_number = int(re.sub("[^0-9]", "", rig_number))
+
+        event = get_object_or_404(models.Event, pk=rig_number)
+        event.risk_assessment_edit_url = edit_url
+        event.save()
+
+        return HttpResponse(status=200)
diff --git a/RIGS/templates/RIGS/event_detail_buttons.html b/RIGS/templates/RIGS/event_detail_buttons.html
index 3d2f06af..2f05c7f1 100644
--- a/RIGS/templates/RIGS/event_detail_buttons.html
+++ b/RIGS/templates/RIGS/event_detail_buttons.html
@@ -2,10 +2,18 @@
     <a href="{% url 'event_update' event.pk %}" class="btn btn-default"><span
             class="glyphicon glyphicon-edit"></span> <span
             class="hidden-xs">Edit</span></a>
-    <a href="{% url 'event_ra' event.pk %}" class="btn btn-default"><span
-        class="glyphicon glyphicon-paperclip"></span> <span
-        class="hidden-xs">RA</span></a>
     {% if event.is_rig %}
+        {% if not event.dry_hire %}
+            <a href="{% url 'event_ra' event.pk %}" class="btn btn-default
+                {% if event.risk_assessment_edit_url %}
+                    btn-success
+                {% else %}
+                    btn-warning
+                {% endif %}
+            "><span
+                class="glyphicon glyphicon-paperclip"></span> <span
+                class="hidden-xs">RA</span></a>
+        {% endif %}
         <a href="{% url 'event_print' event.pk %}" target="_blank" class="btn btn-default"><span
                 class="glyphicon glyphicon-print"></span> <span
                 class="hidden-xs">Print</span></a>
diff --git a/RIGS/urls.py b/RIGS/urls.py
index c54e2785..3630f7d0 100644
--- a/RIGS/urls.py
+++ b/RIGS/urls.py
@@ -188,6 +188,9 @@ urlpatterns = [
     url(r'^api/(?P<model>\w+)/(?P<pk>\d+)/$', login_required(views.SecureAPIRequest.as_view()),
         name="api_secure"),
 
+    # Risk assessment API
+    url(r'^log_risk_assessment/$', rigboard.LogRiskAssessment.as_view(), name='log_risk_assessment'),
+
     # Legacy URL's
     url(r'^rig/show/(?P<pk>\d+)/$',
         RedirectView.as_view(permanent=True, pattern_name='event_detail')),
diff --git a/requirements.txt b/requirements.txt
index 62f505d5..ebe42496 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -3,7 +3,7 @@ contextlib2==0.5.5
 diff-match-patch==20121119
 dj-database-url==0.5.0
 dj-static==0.0.6
-Django==2.0.5
+Django==2.0.13
 django-debug-toolbar==1.9.1
 django-ical==1.4
 django-recaptcha==1.4.0