This poses a major problem for us as well.

The customer should be able to manage/add their own access rules.

The existing model is for an MSP who operates in one manner, with no flexibility to manage the MSP business in any other way; not good.

We need to give our larger clients some control. Org Users need to receive Critical Alerts. We need to determine whether we want that Org User to be able to respond and remediate those alerts.

This really needs to be added as an option. We have a co-managed client who is upset that they can see but cannot act on these escalations.

This is something that should be the most obvious for org users to do.

The fact that org-level admins really cannot do many administrative things is a contentious subject related to our larger clients who have internal IT personnel. They should be able to address escalations like setting travel or VPN exclusions. This "Only the MSP can manage your stuff" model does not work when there is someone in an org who is the equivalent of our technicians or engineers.

It will be beneficial in co-managed clients who have on-site tech or security advisor

This is key. Would be most effective/efficient resolution to have the org level admin get escalations/notifications.

This is causing a major problem for us. This is an essential feature.

Makes perfect sense for an Organization level Admin to quickly determine where or where the user is not meant to be, without having the Account level having to reach out.