diff --git a/entity/RoleChildren_entity/RoleChildren_entity.aod b/entity/RoleChildren_entity/RoleChildren_entity.aod
index e47bc44a0ea73e90ca1b6d6e5747fb2b15f3ea2b..e550842296eba583514dbf4bf140d450da75649d 100644
--- a/entity/RoleChildren_entity/RoleChildren_entity.aod
+++ b/entity/RoleChildren_entity/RoleChildren_entity.aod
@@ -3,7 +3,7 @@
   <name>RoleChildren_entity</name>
   <majorModelMode>DISTRIBUTED</majorModelMode>
   <title>Child</title>
-  <titlePlural>Children</titlePlural>
+  <titlePlural>Child Roles</titlePlural>
   <recordContainer>jDito</recordContainer>
   <entityFields>
     <entityProvider>
diff --git a/entity/Role_entity/Role_entity.aod b/entity/Role_entity/Role_entity.aod
index 526b317caff9d40519cb133db39afb9f20d4aa77..7011adb0597366b42f07eb313d1bd73ec9376fba 100644
--- a/entity/Role_entity/Role_entity.aod
+++ b/entity/Role_entity/Role_entity.aod
@@ -139,6 +139,12 @@
         </entityParameter>
       </children>
     </entityConsumer>
+    <entityActionField>
+      <name>deleteEverythingLinkedToRole</name>
+      <title>delete linked permissions and hierarchies</title>
+      <onActionProcess>%aditoprj%/entity/Role_entity/entityfields/deleteeverythinglinkedtorole/onActionProcess.js</onActionProcess>
+      <iconId>VAADIN:CLOSE</iconId>
+    </entityActionField>
   </entityFields>
   <recordContainers>
     <jDitoRecordContainer>
diff --git a/entity/Role_entity/entityfields/deleteeverythinglinkedtorole/onActionProcess.js b/entity/Role_entity/entityfields/deleteeverythinglinkedtorole/onActionProcess.js
new file mode 100644
index 0000000000000000000000000000000000000000..5d03bdd5609dca4a8eeb5401273c004d409bf6f7
--- /dev/null
+++ b/entity/Role_entity/entityfields/deleteeverythinglinkedtorole/onActionProcess.js
@@ -0,0 +1,4 @@
+import("Permission_lib");
+import("system.vars");
+
+PermissionUtil.deleteEverythingLinkedToRole(vars.get("$field.ROLENAME"));
\ No newline at end of file
diff --git a/entity/Role_entity/grantDeleteProcess.js b/entity/Role_entity/grantDeleteProcess.js
index 81c7d9f200eb871ee52c740e473158e3de0322dd..e07fa2dc7327705d1e57451c8f3fa2877d4d6b86 100644
--- a/entity/Role_entity/grantDeleteProcess.js
+++ b/entity/Role_entity/grantDeleteProcess.js
@@ -1,7 +1,8 @@
+import("Permission_lib");
 import("system.vars");
 import("system.result");
 
-if (vars.get("$field.ROLETYPE") == "CUSTOM") {
+if (vars.get("$field.ROLETYPE") == "CUSTOM" && PermissionUtil.roleIsDeletable(vars.get("$field.ROLENAME"))) {
     result.string(true);
 } else {
     result.string(false);
diff --git a/entity/Role_entity/recordcontainers/jdito/onDelete.js b/entity/Role_entity/recordcontainers/jdito/onDelete.js
index 9cea5275299267066ef8eb54605f4afe819c221c..6e8defeda67659dc45dd0a896ff26430883c150b 100644
--- a/entity/Role_entity/recordcontainers/jdito/onDelete.js
+++ b/entity/Role_entity/recordcontainers/jdito/onDelete.js
@@ -5,9 +5,6 @@ import("system.vars");
 var selectedRole = vars.get("$field.ROLENAME"); // field got prefix "CUSTOM_" already
 var usersWithSelectedRole = tools.getUsersWithRole(selectedRole);
 
-// delete permissions linked to this role
-PermissionUtil.deleteEverythingLinkedToRole(selectedRole);
-
 // remove role from all users with this role
 for each (let userWithSelectedRole in usersWithSelectedRole) {
     var user = tools.getUser(userWithSelectedRole);
diff --git a/neonView/RoleChildrenList_view/RoleChildrenList_view.aod b/neonView/RoleChildrenList_view/RoleChildrenList_view.aod
index 4f5289080bca29a7cc722aeb594633e38316d605..f09ab194dcdef43f1a50a6e63cb6df85a71249d9 100644
--- a/neonView/RoleChildrenList_view/RoleChildrenList_view.aod
+++ b/neonView/RoleChildrenList_view/RoleChildrenList_view.aod
@@ -11,6 +11,9 @@
     <titledListViewTemplate>
       <name>TitledList</name>
       <entityField>#ENTITY</entityField>
+      <isDeletable v="false" />
+      <isEditable v="false" />
+      <isCreatable v="false" />
       <columns>
         <neonTitledListTableColumn>
           <name>0451e2ec-e216-4d4f-8080-e6b9aaf56613</name>
diff --git a/process/Permission_lib/process.js b/process/Permission_lib/process.js
index 2362b10b23e0e7773dc54d5af0b95491c39388d8..c4ced9f28cc5bc368c7a60b443e2f382de6e65e3 100644
--- a/process/Permission_lib/process.js
+++ b/process/Permission_lib/process.js
@@ -796,6 +796,46 @@ function PermissionUtil () {}
         return affectedEntrys;
     }
     
+    /**
+     * Checks if the given role is deletable. This includes checks for linked permissions and hierarchies.
+     * 
+     * @param {String} pRole name of the role, mandatory
+     * 
+     * @result {Boolean} returns true if role is deletable, otherwise false
+     */
+    PermissionUtil.roleIsDeletable = function(pRole) {
+        // check for linked permissions
+        var sets = newSelect("ASYS_PERMISSIONSETID", alias)
+        .from("ASYS_PERMISSIONSET")
+        .where("ASYS_PERMISSIONSET.ROLE_ID", pRole)
+        .arrayColumn(true);
+        var perms = this.getPermissions(sets);
+        var actions = this.getActions(perms);
+        
+        if (sets.length != 0 || perms.length != 0 || actions.length != 0) {
+            return false;
+        }
+        
+        // check for linked hierarchies
+        // hierarchies where pRole is child
+        var parentHierarchies = newSelect("PARENT_ROLE", alias)
+        .from("ASYS_ROLES_CHILDREN")
+        .where("ASYS_ROLES_CHILDREN.CHILD_ROLE", pRole)
+        .arrayColumn(true);
+        
+        // hierarchies where pRole is parent
+        var childHierarchies = newSelect("CHILD_ROLE", alias)
+        .from("ASYS_ROLES_CHILDREN")
+        .where("ASYS_ROLES_CHILDREN.PARENT_ROLE", pRole)
+        .arrayColumn(true);
+        
+        if (parentHierarchies.length != 0 || childHierarchies != 0) {
+            return false;
+        }
+        
+        return true;
+    }
+    
 } //end of block