diff --git a/app/controllers/organizations_controller.rb b/app/controllers/organizations_controller.rb
index a9c74d48..248e225b 100644
--- a/app/controllers/organizations_controller.rb
+++ b/app/controllers/organizations_controller.rb
@@ -42,6 +42,11 @@ def update
 
   def find_organization
     @organization = Organization.friendly.find(params[:id])
+
+    unless @organization.workflow_state == "approved" || (current_user && (current_user.has_role?(:superadmin) || @organization.creator == current_user))
+      error_not_found
+    end
+
   end
 
   def organization_params