diff --git a/server/routers/external.ts b/server/routers/external.ts
index 91c185d2..0ca31117 100644
--- a/server/routers/external.ts
+++ b/server/routers/external.ts
@@ -82,6 +82,7 @@ authenticated.delete(
 "/org/:orgId",
 verifyOrgAccess,
 verifyUserIsOrgOwner,
+ verifyUserHasAction(ActionsEnum.deleteOrg),
 org.deleteOrg
 );
diff --git a/server/routers/org/deleteOrg.ts b/server/routers/org/deleteOrg.ts
index 76e2ad79..63e9abb0 100644
--- a/server/routers/org/deleteOrg.ts
+++ b/server/routers/org/deleteOrg.ts
@@ -49,19 +49,7 @@ export async function deleteOrg(
 }
 const { orgId } = parsedParams.data;
- // Check if the user has permission to list sites
- const hasPermission = await checkUserActionPermission(
- ActionsEnum.deleteOrg,
- req
- );
- if (!hasPermission) {
- return next(
- createHttpError(
- HttpCode.FORBIDDEN,
- "User does not have permission to perform this action"
- )
- );
- }
+
 const [org] = await db
 .select()
 .from(orgs)
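Review bot: In `server/routers/external.ts`, the position of the new `verifyUserHasAction(ActionsEnum.deleteOrg)` entry in the middleware chain is load-bearing but undocumented. It runs after `verifyOrgAccess` and `verifyUserIsOrgOwner`, which presumably resolve the caller's org membership and role that the action check reads; their implementations are not visible in this diff. A one-line comment above the route would keep a later reorder from weakening the guard, for example `// Order matters: org access and ownership are resolved before the action check.` The hunk also adds no import, so `verifyUserHasAction` and `ActionsEnum` are assumed to be in scope in this file already, which is worth confirming.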
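Review bot: In `server/routers/org/deleteOrg.ts`, once the inline check is removed the handler goes straight from parsing `orgId` to the `db` query with no authorization of its own. It is therefore safe only on routes that mount `verifyUserHasAction(ActionsEnum.deleteOrg)` ahead of it. If any other router mounts `org.deleteOrg` (none is visible in this diff), it needs the same guard. I would record that contract where the check used to be, in place of the added blank line: `// Authorization (ActionsEnum.deleteOrg) is enforced by route middleware; do not mount this handler without verifyUserHasAction.` The imports of `checkUserActionPermission`, and possibly `ActionsEnum`, are probably unused in this file now; the import block and the rest of the function body lie outside the hunk, so check them separately.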