Possibly not quite what you are suggesting, but I did create a database (Not access, but similar), it didn’t have the risk assessment in it as raw information, but linked to the word document. This made finding a specific assessment very easy and allowed revision control / review control. All our management system documents etc were stored in an electronic format, though there were some documents on the shop floor in hard copy (also noted in database to allow version control).

I don’t see the advantage of having something calculate eg 2X3 for you. However depending on what you use the matrix information for, you could use this info ( especially if you calc before and after controls) to help search / list those with high risk ratings before controls, which could be used as a hit list for changing processes to eliminate these risks rather than control them. There was a recent thread on this very topic though, with mixed opinions (unsurprisingly) on the use of calculated ratings.

If you have the information in Excel at the moment, you should be able to save some time from your estimate by transferring the info directly from Excel to Access. (put all RA’s in one spreadsheet and then transfer).

What advantage do you expect to gain ?

Working in Education Sector we have multiple industries across different geographical locations - 900 staff around 12000 students. My thinking was if by bringing the risk assessments into a single shared database - or indeed ones which are run within their own areas - then the reviewing process and monitoring would be easier for the managers and assessors.

I'm aware of some colleges/uni's using databases by uncertain if commercial bought - in which case may be limiting due to their more generic nature - or developed in-house.

B

We also had sypol, which I incorporated into the database. Effectively the system consisted of a number of relational databases and acted like a browser to locate and open various documents. Our entire management system was in it, every procedure , instruction, document, risk assessment, environmental impact assessment, COSHH assessment and policy.

I was not so impressed with Sypol, but I didn't have time to do this myself and was implemented by a predecessor so was a bit stuck with it. For some I'm sure Sypol would be good.

As Kate suggests, get the database design right from the start.

Yes I have, I work in the university sector, have aligned our RA for OHSAS18001;

format
guidance
basic generic etc.

this is then up-loaded to 'share point' IT system and national 'u drive'

My view is that the whole approach to assessing, and managing, risk in your organisation needs a reality check, if you are resorting to trying to manage copious quantities of 'forms' by a complex database.

Assessing risk is not about producing forms.

Yes there are defiantly advantages in setting up an electronic RA database.

I set up a simple risk assessment register using a spreadsheet, with the risk assessments linked to the word documents. I then made it available through the intranet so that all users have access to the latest revisions of the RA. I found it easier to do it this way than try and keep paper folders in multiple locations updated. It also allows me to keep a thorough revision record with old assessments easily archived. It looks a lot better too, if you get audited you can pull up the register and easily produce your RAs. It looks much better than pulling a dusty folder off a shelf.

Of course the risk assessments are for reference only and I don't expect people to rely solely on generic RAs.

You can use a spreadsheet to calculate risk criticality if you want to factor in risk manageability etc. It works well if you are using a more complex matrix, like a risk register for example, but is not really necessary for a standard 5x5 matrix.