diff --git a/atst/routes/ccpo.py b/atst/routes/ccpo.py
index 7c9ed484..5f799e22 100644
--- a/atst/routes/ccpo.py
+++ b/atst/routes/ccpo.py
@@ -62,6 +62,6 @@ def confirm_new_user():
 @user_can(Permissions.DELETE_CCPO_USER, message="remove ccpo user")
 def remove_access(user_id):
     user = Users.get(user_id)
-    # update user to remove perms
-    # flash alert to confirm removing ccpo perms
+    Users.revoke_ccpo_perms(user)
+    flash("ccpo_user_removed", user_name=user.full_name)
     return redirect(url_for("ccpo.users"))
diff --git a/atst/utils/flash.py b/atst/utils/flash.py
index e4f852ea..b511f4d2 100644
--- a/atst/utils/flash.py
+++ b/atst/utils/flash.py
@@ -40,6 +40,11 @@ MESSAGES = {
         "message_template": translate("ccpo.form.user_not_found_text"),
         "category": "info",
     },
+    "ccpo_user_removed": {
+        "title_template": translate("flash.success"),
+        "message_template": "You have successfully removed {{ user_name }}'s CCPO permissions.",
+        "category": "success",
+    },
     "environment_added": {
         "title_template": translate("flash.success"),
         "message_template": """
diff --git a/tests/routes/test_ccpo.py b/tests/routes/test_ccpo.py
index 618eb9b9..c4a8e2a4 100644
--- a/tests/routes/test_ccpo.py
+++ b/tests/routes/test_ccpo.py
@@ -1,5 +1,6 @@
 from flask import url_for
 
+from atst.domain.users import Users
 from atst.utils.localization import translate
 
 from tests.factories import UserFactory
@@ -45,10 +46,19 @@ def test_confirm_new_user(user_session, client):
     )
     assert new_user.dod_id in response.data.decode()
 
-    # give person with out ATAT account CCPO permissions
+    # give person without ATAT account CCPO permissions
     response = client.post(
         url_for("ccpo.confirm_new_user"),
         data={"dod_id": random_dod_id},
         follow_redirects=True,
     )
     assert random_dod_id not in response.data.decode()
+
+
+def test_remove_access(user_session, client):
+    ccpo = UserFactory.create_ccpo()
+    user = UserFactory.create_ccpo()
+    user_session(ccpo)
+
+    response = client.post(url_for("ccpo.remove_access", user_id=user.id))
+    assert user not in Users.get_ccpo_users()
diff --git a/tests/test_access.py b/tests/test_access.py
index f459ea06..7da4868e 100644
--- a/tests/test_access.py
+++ b/tests/test_access.py
@@ -161,6 +161,17 @@ def test_ccpo_confirm_new_user_access(post_url_assert_status):
     post_url_assert_status(rando, url, 404, data={"dod_id": user.dod_id})
 
 
+# ccpo.remove_access
+def test_ccpo_remove_access(post_url_assert_status):
+    ccpo = user_with(PermissionSets.MANAGE_CCPO_USERS)
+    rando = user_with()
+    user = UserFactory.create_ccpo()
+
+    url = url_for("ccpo.remove_access", user_id=user.id)
+    post_url_assert_status(rando, url, 404)
+    post_url_assert_status(ccpo, url, 302)
+
+
 # applications.access_environment
 def test_applications_access_environment_access(get_url_assert_status):
     dev = UserFactory.create()