diff --git a/src/pages/data_submission/DataAccessGovernance.js b/src/pages/data_submission/DataAccessGovernance.js
index 3052d95255..017ba92f92 100644
--- a/src/pages/data_submission/DataAccessGovernance.js
+++ b/src/pages/data_submission/DataAccessGovernance.js
@@ -116,9 +116,8 @@ export const DataAccessGovernance = (props) => {
   const prefillConsentGroups = useCallback(async () => {
     var consentGroups = await Promise.all(datasets?.map(async (dataset, idx) => {
       const dataUse = await normalizeDataUse(dataset?.dataUse);
-      // DAC is required if openAccess is false
-      const openAccess = extract('Open Access', dataset);
-      const dac = openAccess ? undefined : await DAC.get(dataset?.dacId);
+      const accessManagement = extract('Access Management', dataset);
+      const dac = 'dacId' in dataset ? await DAC.get(dataset.dacId) : undefined;
 
       return {
         consentGroup: {
@@ -130,7 +129,7 @@ export const DataAccessGovernance = (props) => {
           hmb: dataUse.hmbResearch,
           diseaseSpecificUse: dataUse.diseaseRestrictions,
           poa: dataUse.populationOriginsAncestry,
-          openAccess: openAccess,
+          accessManagement: accessManagement,
           otherPrimary: dataUse.other,
 
           // secondary
diff --git a/src/pages/data_submission/RegistrationValidation.js b/src/pages/data_submission/RegistrationValidation.js
index 2675e02693..92afc85f52 100644
--- a/src/pages/data_submission/RegistrationValidation.js
+++ b/src/pages/data_submission/RegistrationValidation.js
@@ -86,7 +86,7 @@ const updateValidation = (existingValidation, validationError) => {
     };
   }
   // if the field is required and empty, we shouldn't also error on, e.g., that it isn't a date format
-  if (existingValidation.failed.includes('required') || validationError === 'required') {
+  if ((existingValidation.failed && existingValidation.failed.includes('required')) || validationError === 'required') {
     return {
       valid: false,
       failed: ['required']
diff --git a/src/pages/data_submission/consent_group/ConsentGroupErrors.js b/src/pages/data_submission/consent_group/ConsentGroupErrors.js
index 1dedcdce74..3baa213827 100644
--- a/src/pages/data_submission/consent_group/ConsentGroupErrors.js
+++ b/src/pages/data_submission/consent_group/ConsentGroupErrors.js
@@ -23,7 +23,11 @@ const invalidFormatError = (format) => {
 export const computeConsentGroupValidationErrors = (consentGroup, datasetNames = []) => {
   const validation = {};
 
-  if (isNil(selectedPrimaryGroup(consentGroup))) {
+  if (isNil(consentGroup.accessManagement)) {
+    validation.accessManagement = requiredError;
+  }
+
+  if (isNil(selectedPrimaryGroup(consentGroup)) && consentGroup.accessManagement !== 'open') {
     validation.primaryConsent = requiredError;
   }
 
@@ -61,7 +65,7 @@ export const computeConsentGroupValidationErrors = (consentGroup, datasetNames =
     validation.otherPrimary = requiredError;
   }
 
-  if (isNil(consentGroup.dataAccessCommitteeId) && consentGroup.openAccess !== true) {
+  if (isNil(consentGroup.dataAccessCommitteeId) && consentGroup.accessManagement === 'controlled') {
     validation.dataAccessCommitteeId = requiredError;
   }
 
diff --git a/src/pages/data_submission/consent_group/ConsentGroupForm.js b/src/pages/data_submission/consent_group/ConsentGroupForm.js
index b4a3b96593..ffe02d87fe 100644
--- a/src/pages/data_submission/consent_group/ConsentGroupForm.js
+++ b/src/pages/data_submission/consent_group/ConsentGroupForm.js
@@ -22,12 +22,14 @@ export const ConsentGroupForm = (props) => {
     datasetId: curConsentGroup.datasetId || null,
     consentGroupName: curConsentGroup.consentGroupName || '',
 
+    // access management is one of: "controlled", "open", "external"
+    accessManagement: curConsentGroup.accessManagement || undefined, // string
+
     // primary:
     generalResearchUse: curConsentGroup.generalResearchUse || undefined,
     hmb: curConsentGroup.hmb || undefined,
     diseaseSpecificUse: curConsentGroup.diseaseSpecificUse || undefined, // string
     poa: curConsentGroup.poa || undefined,
-    openAccess: curConsentGroup.openAccess || undefined,
     otherPrimary: curConsentGroup.otherPrimary || undefined, // string
 
     // secondary:
diff --git a/src/pages/data_submission/consent_group/EditConsentGroup.js b/src/pages/data_submission/consent_group/EditConsentGroup.js
index 9da1f00153..26db7d7af3 100644
--- a/src/pages/data_submission/consent_group/EditConsentGroup.js
+++ b/src/pages/data_submission/consent_group/EditConsentGroup.js
@@ -14,8 +14,6 @@ export const selectedPrimaryGroup = (consentGroup) => {
     return 'diseaseSpecificUse';
   } else if (!isNil(consentGroup.poa) && consentGroup.poa) {
     return 'poa';
-  } else if (!isNil(consentGroup.openAccess) && consentGroup.openAccess) {
-    return 'openAccess';
   } else if (!isNil(consentGroup.otherPrimary) && isString(consentGroup.otherPrimary)) {
     return 'otherPrimary';
   }
@@ -119,8 +117,60 @@ export const EditConsentGroup = (props) => {
         onValidationChange,
       }),
 
-      // primary
+      // controlled, open and external access
       div({}, [
+        h(FormField, {
+          title: 'Data Access Management',
+          description: 'Select a data access management strategy',
+          id: idx + '_accessManagement_controlled',
+          name: 'accessManagement',
+          value: 'controlled',
+          type: FormFieldTypes.RADIOBUTTON,
+          toggleText: 'Controlled Access (managed by a DAC in DUOS)',
+          disabled: disableFields,
+          defaultValue: consentGroup.accessManagement,
+          onChange,
+          validation: validation.accessManagement,
+          onValidationChange: ({ validation }) => {
+            onValidationChange({ key: 'accessManagement', validation });
+          },
+        }),
+
+        h(FormField, {
+          id: idx + '_accessManagement_open',
+          name: 'accessManagement',
+          value: 'open',
+          type: FormFieldTypes.RADIOBUTTON,
+          toggleText: 'Open Access (does not need DAC approval)',
+          disabled: disableFields,
+          defaultValue: consentGroup.accessManagement,
+          onChange,
+          validation: validation.accessManagement,
+          onValidationChange: ({ validation }) => {
+            onValidationChange({ key: 'accessManagement', validation });
+          },
+        }),
+
+        h(FormField, {
+          id: idx + '_accessManagement_external',
+          name: 'accessManagement',
+          value: 'external',
+          type: FormFieldTypes.RADIOBUTTON,
+          toggleText: 'External Access (managed by a DAC external to DUOS)',
+          disabled: disableFields,
+          defaultValue: consentGroup.accessManagement,
+          onChange,
+          validation: validation.accessManagement,
+          onValidationChange: ({ validation }) => {
+            onValidationChange({ key: 'accessManagement', validation });
+          },
+        }),
+      ]),
+
+      // primary
+      div({
+        isRendered: consentGroup.accessManagement !== 'open',
+      }, [
         h(FormField, {
           title: 'Primary Data Use Terms*',
           description: 'Please select one of the following data use permissions for your dataset',
@@ -229,23 +279,6 @@ export const EditConsentGroup = (props) => {
           },
         }),
 
-        h(FormField, {
-          type: FormFieldTypes.RADIOBUTTON,
-          id: idx + '_primaryConsent_openAccess',
-          name: 'primaryConsent',
-          value: 'openAccess',
-          toggleText: 'No Restrictions (Open Access Data)',
-          disabled: disableFields,
-          defaultValue: selectedPrimaryGroup(consentGroup),
-          onChange: ({ value }) => {
-            onPrimaryChange({ key: value, value: true });
-          },
-          validation: validation.primaryConsent,
-          onValidationChange: ({ validation }) => {
-            onValidationChange({ key: 'primaryConsent', validation });
-          },
-        }),
-
         h(FormField, {
           type: FormFieldTypes.RADIOBUTTON,
           id: idx + '_primaryConsent_otherPrimary',
@@ -284,7 +317,7 @@ export const EditConsentGroup = (props) => {
 
       // secondary
       div({
-        isRendered: consentGroup.openAccess !== true,
+        isRendered: consentGroup.accessManagement !== 'open',
       }, [
         h(FormField, {
           title: 'Secondary Data Use Terms',
@@ -460,10 +493,10 @@ export const EditConsentGroup = (props) => {
 
       // data access committee
       h(FormField, {
-        isRendered: consentGroup.openAccess !== true,
+        isRendered: consentGroup.accessManagement === 'controlled',
         id: idx + 'dataAccessCommitteeId',
         name: 'dataAccessCommitteeId',
-        title: 'Data Access Committee',
+        title: 'Data Access Committee (DAC)',
         description: 'Please select which DAC should govern requests for this dataset',
         type: FormFieldTypes.SELECT,
         selectOptions: dacs.map((dac) => {
@@ -472,7 +505,7 @@ export const EditConsentGroup = (props) => {
         onChange: ({ key, value }) => {
           onChange({ key, value: value?.dacId });
         },
-        validators: [FormValidators.REQUIRED],
+        //validators: consentGroup.accessManagement === 'controlled' ? [FormValidators.REQUIRED] : undefined,
         validation: validation.dataAccessCommitteeId,
         disabled: disableFields,
         defaultValue: dacs.map((dac) => {