diff --git a/dmp-backend/web/src/main/java/eu/eudat/logic/managers/DataManagementPlanManager.java b/dmp-backend/web/src/main/java/eu/eudat/logic/managers/DataManagementPlanManager.java
index a1bd6e2ba..8a440cfed 100644
--- a/dmp-backend/web/src/main/java/eu/eudat/logic/managers/DataManagementPlanManager.java
+++ b/dmp-backend/web/src/main/java/eu/eudat/logic/managers/DataManagementPlanManager.java
@@ -571,7 +571,9 @@ public class DataManagementPlanManager {
 
     public void newVersion(UUID uuid, DataManagementPlanNewVersionModel dataManagementPlan, Principal principal) throws Exception {
         DMP oldDmp = databaseRepository.getDmpDao().find(uuid);
-
+        if (!isUserOwnerOfDmp(oldDmp, principal)) {
+            throw new Exception("User not being the creator is not authorized to perform this action.");
+        }
         DataManagementPlanCriteria criteria = new DataManagementPlanCriteria();
         LinkedList<UUID> list = new LinkedList<>();
         list.push(oldDmp.getGroupId());
@@ -639,7 +641,6 @@ public class DataManagementPlanManager {
         databaseRepository.getGrantDao().createOrUpdate(newDmp.getGrant());
         newDmp = databaseRepository.getDmpDao().createOrUpdate(newDmp);
 
-        // Assign creator.
         assignUser(newDmp, user);
         copyDatasets(newDmp, databaseRepository.getDatasetDao());
     }