diff --git a/bitwarden_license/src/Portal/Views/Policies/Edit.cshtml b/bitwarden_license/src/Portal/Views/Policies/Edit.cshtml
index 607dfab8d3..ac1c1488ba 100644
--- a/bitwarden_license/src/Portal/Views/Policies/Edit.cshtml
+++ b/bitwarden_license/src/Portal/Views/Policies/Edit.cshtml
@@ -42,6 +42,13 @@
             </h3>
             @i18nService.T("RequireSsoPolicyReq")
         </div>
+        <div class="callout callout-warning" role="alert">
+            <h3 class="callout-heading">
+                <i class="fa fa-warning" *ngIf="icon" aria-hidden="true"></i>
+                @i18nService.T("Warning")
+            </h3>
+            @i18nService.T("RequireSsoExemption")
+        </div>
     }
     
     <div asp-validation-summary="ModelOnly" class="alert alert-danger"></div>
diff --git a/src/Core/Resources/SharedResources.en.resx b/src/Core/Resources/SharedResources.en.resx
index 2f0fbc9428..72c400e741 100644
--- a/src/Core/Resources/SharedResources.en.resx
+++ b/src/Core/Resources/SharedResources.en.resx
@@ -149,7 +149,7 @@
     <value>Edit Policy - {0}</value>
   </data>
   <data name="EditPolicyTwoStepLoginWarning" xml:space="preserve">
-    <value>Organization members who do not have two-step login enabled for their personal account will be removed from the organization and will receive an email notifying them about the change.</value>
+    <value>Organization members who are not Owners or Administrators and do not have two-step login enabled for their personal account will be removed from the organization and will receive an email notifying them about the change.</value>
   </data>
   <data name="Save" xml:space="preserve">
     <value>Save</value>
@@ -546,7 +546,7 @@
     <value>Restrict users from being able to join any other organizations.</value>
   </data>
   <data name="SingleOrganizationPolicyWarning" xml:space="preserve">
-    <value>Organization members who are already a part of another organization will be removed from this organization and will receive an email notifying them about the change.</value>
+    <value>Organization members who are not Owners or Administrators and are already a part of another organization will be removed from this organization and will receive an email notifying them about the change.</value>
   </data>
   <data name="RequireSso" xml:space="preserve">
     <value>Single Sign-On Authentication</value>
@@ -563,4 +563,7 @@
   <data name="RequireSsoPolicyReqError" xml:space="preserve">
     <value>Single Organization policy not enabled.</value>
   </data>
+  <data name="RequireSsoExemption" xml:space="preserve">
+    <value>Organization Owners and Administrators are exempt from this policy's enforcement.</value>
+  </data>
 </root>
diff --git a/src/Core/Services/Implementations/PolicyService.cs b/src/Core/Services/Implementations/PolicyService.cs
index bd9ee6c395..e04db9c098 100644
--- a/src/Core/Services/Implementations/PolicyService.cs
+++ b/src/Core/Services/Implementations/PolicyService.cs
@@ -78,7 +78,8 @@ namespace Bit.Core.Services
                         policy.OrganizationId);
                     var removableOrgUsers = orgUsers.Where(ou =>
                         ou.Status != Enums.OrganizationUserStatusType.Invited &&
-                        ou.Type != Enums.OrganizationUserType.Owner && ou.UserId != savingUserId);
+                        ou.Type != Enums.OrganizationUserType.Owner && ou.Type != Enums.OrganizationUserType.Admin && 
+                        ou.UserId != savingUserId);
                     switch (currentPolicy.Type)
                     {
                         case Enums.PolicyType.TwoFactorAuthentication: