diff --git a/static/js/settings_org.js b/static/js/settings_org.js
index 7281505a5a..848c19bb61 100644
--- a/static/js/settings_org.js
+++ b/static/js/settings_org.js
@@ -45,6 +45,7 @@ export function maybe_disable_widgets() {
     if (page_params.is_admin) {
         $("#deactivate_realm_button").prop("disabled", true);
         $("#org-message-retention").find("input, select").prop("disabled", true);
+        $("#id_realm_invite_to_realm_policy").prop("disabled", true);
         return;
     }
 
diff --git a/static/templates/settings/organization_permissions_admin.hbs b/static/templates/settings/organization_permissions_admin.hbs
index 1fce706930..8e252fd32d 100644
--- a/static/templates/settings/organization_permissions_admin.hbs
+++ b/static/templates/settings/organization_permissions_admin.hbs
@@ -8,7 +8,9 @@
             </div>
             <div class="m-10 inline-block organization-permissions-parent">
                 <div class="input-group">
-                    <label for="realm_invite_to_realm_policy" class="dropdown-title">{{t "Who can invite users to this organization" }}</label>
+                    <label for="realm_invite_to_realm_policy" class="dropdown-title">{{t "Who can invite users to this organization" }}
+                        <i class="fa fa-info-circle settings-info-icon realm_message_retention_tooltip tippy-zulip-tooltip" aria-hidden="true" data-tippy-content="{{t 'Only owners can change this setting.' }}"></i>
+                    </label>
                     <select name="realm_invite_to_realm_policy" id="id_realm_invite_to_realm_policy" class="prop-element" data-setting-widget-type="number">
                         {{> dropdown_options_widget option_values=invite_to_realm_policy_values}}
                     </select>
diff --git a/zerver/tests/test_realm.py b/zerver/tests/test_realm.py
index 48801e3490..88ca1803c6 100644
--- a/zerver/tests/test_realm.py
+++ b/zerver/tests/test_realm.py
@@ -868,6 +868,18 @@ class RealmAPITest(ZulipTestCase):
         self.assertEqual(realm.allow_message_deleting, True)
         self.assertEqual(realm.message_content_delete_limit_seconds, 600)
 
+    def test_change_invite_to_realm_policy_by_owners_only(self) -> None:
+        self.login("iago")
+        req = {"invite_to_realm_policy": Realm.POLICY_ADMINS_ONLY}
+        result = self.client_patch("/json/realm", req)
+        self.assert_json_error(result, "Must be an organization owner")
+
+        self.login("desdemona")
+        result = self.client_patch("/json/realm", req)
+        self.assert_json_success(result)
+        realm = get_realm("zulip")
+        self.assertEqual(realm.invite_to_realm_policy, Realm.POLICY_ADMINS_ONLY)
+
 
 class ScrubRealmTest(ZulipTestCase):
     def test_scrub_realm(self) -> None:
diff --git a/zerver/views/realm.py b/zerver/views/realm.py
index ca35a77133..6b8ea67b49 100644
--- a/zerver/views/realm.py
+++ b/zerver/views/realm.py
@@ -150,6 +150,9 @@ def update_realm(
             message_retention_days_raw, Realm.MESSAGE_RETENTION_SPECIAL_VALUES_MAP
         )
 
+    if invite_to_realm_policy is not None and not user_profile.is_realm_owner:
+        raise OrganizationOwnerRequired()
+
     # The user of `locals()` here is a bit of a code smell, but it's
     # restricted to the elements present in realm.property_types.
     #