diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index c7ac06de1..b04510f0a 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -30,6 +30,10 @@ class UsersController < ApplicationController
 
   def show; end
 
+  def dpo; end
+
+  def key_contact; end
+
   def edit
     redirect_to user_path(@user) unless @user.active?
   end
diff --git a/app/views/users/show.html.erb b/app/views/users/show.html.erb
index 06c528703..e6cb9fd3e 100644
--- a/app/views/users/show.html.erb
+++ b/app/views/users/show.html.erb
@@ -81,7 +81,7 @@
             if can_edit_dpo?(@user, current_user)
               row.action(
                 visually_hidden_text: "if data protection officer",
-                href: aliased_user_edit(@user, current_user),
+                href: user_edit_dpo_path(@user),
                 html_attributes: { "data-qa": "change-data-protection-officer" },
               )
             else
@@ -95,7 +95,7 @@
             if can_edit_key_contact?(@user, current_user)
               row.action(
                 visually_hidden_text: "if a key contact",
-                href: aliased_user_edit(@user, current_user),
+                href: user_edit_key_contact_path(@user),
                 html_attributes: { "data-qa": "change-key-contact" },
               )
             else
diff --git a/config/routes.rb b/config/routes.rb
index dc6588142..803d9bd09 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -53,6 +53,9 @@ Rails.application.routes.draw do
   end
 
   resources :users do
+    get "edit_dpo", to: "users#dpo"
+    get "edit_key_contact", to: "users#key_contact"
+
     member do
       get "deactivate", to: "users#deactivate"
       get "reactivate", to: "users#reactivate"
diff --git a/spec/features/user_spec.rb b/spec/features/user_spec.rb
index d1199038c..f3c0b7c01 100644
--- a/spec/features/user_spec.rb
+++ b/spec/features/user_spec.rb
@@ -363,6 +363,28 @@ RSpec.describe "User Features" do
                  role: "data_provider",
                )).to be_a(User)
       end
+
+      context "when updating other user DPO and key contact information" do
+        it "allows updating users dpo details" do
+          visit("/organisations/#{user.organisation.id}")
+          click_link("Users")
+          click_link(other_user.name)
+          find("a[href='#{user_edit_dpo_path(other_user)}']").click
+          choose("Yes")
+          click_button("Save changes")
+          expect(User.find_by(name: "Other name", role: "data_provider", is_dpo: true)).to be_a(User)
+        end
+
+        it "allows updating users key contact details" do
+          visit("/organisations/#{user.organisation.id}")
+          click_link("Users")
+          click_link(other_user.name)
+          find("a[href='#{user_edit_key_contact_path(other_user)}']").click
+          choose("Yes")
+          click_button("Save changes")
+          expect(User.find_by(name: "Other name", role: "data_provider", is_key_contact: true)).to be_a(User)
+        end
+      end
     end
 
     context "when deactivating a user" do