diff --git a/src/registrar/admin.py b/src/registrar/admin.py
index bda996a38..e0c98b7c2 100644
--- a/src/registrar/admin.py
+++ b/src/registrar/admin.py
@@ -1436,6 +1436,13 @@ class DomainInformationInline(admin.StackedInline):
         "submitter",
     ]
 
+    def has_change_permission(self, request, obj=None):
+        """Custom has_change_permission override so that we can specify that
+        analysts can edit this through this inline, but not through the model normally"""
+        if request.user.has_perm("registrar.analyst_access_permission"):
+            return True
+        return super().has_change_permission(request, obj)
+
     def formfield_for_manytomany(self, db_field, request, **kwargs):
         """customize the behavior of formfields with manytomany relationships.  the customized
         behavior includes sorting of objects in lists as well as customizing helper text"""
diff --git a/src/registrar/migrations/0081_create_groups_v10.py b/src/registrar/migrations/0081_create_groups_v10.py
new file mode 100644
index 000000000..d65b6dbd2
--- /dev/null
+++ b/src/registrar/migrations/0081_create_groups_v10.py
@@ -0,0 +1,37 @@
+# This migration creates the create_full_access_group and create_cisa_analyst_group groups
+# It is dependent on 0079 (which populates federal agencies)
+# If permissions on the groups need changing, edit CISA_ANALYST_GROUP_PERMISSIONS
+# in the user_group model then:
+# [NOT RECOMMENDED]
+# step 1: docker-compose exec app ./manage.py migrate --fake registrar 0035_contenttypes_permissions
+# step 2: docker-compose exec app ./manage.py migrate registrar 0036_create_groups
+# step 3: fake run the latest migration in the migrations list
+# [RECOMMENDED]
+# Alternatively:
+# step 1: duplicate the migration that loads data
+# step 2: docker-compose exec app ./manage.py migrate
+
+from django.db import migrations
+from registrar.models import UserGroup
+from typing import Any
+
+
+# For linting: RunPython expects a function reference,
+# so let's give it one
+def create_groups(apps, schema_editor) -> Any:
+    UserGroup.create_cisa_analyst_group(apps, schema_editor)
+    UserGroup.create_full_access_group(apps, schema_editor)
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("registrar", "0080_create_groups_v09"),
+    ]
+
+    operations = [
+        migrations.RunPython(
+            create_groups,
+            reverse_code=migrations.RunPython.noop,
+            atomic=True,
+        ),
+    ]
diff --git a/src/registrar/models/user_group.py b/src/registrar/models/user_group.py
index 2aa2f642e..e8636a462 100644
--- a/src/registrar/models/user_group.py
+++ b/src/registrar/models/user_group.py
@@ -26,11 +26,6 @@ class UserGroup(Group):
                 "model": "contact",
                 "permissions": ["change_contact"],
             },
-            {
-                "app_label": "registrar",
-                "model": "domaininformation",
-                "permissions": ["change_domaininformation"],
-            },
             {
                 "app_label": "registrar",
                 "model": "domainrequest",
diff --git a/src/registrar/tests/test_admin.py b/src/registrar/tests/test_admin.py
index 604634a6b..cccca1253 100644
--- a/src/registrar/tests/test_admin.py
+++ b/src/registrar/tests/test_admin.py
@@ -2026,8 +2026,8 @@ class TestDomainInformationAdmin(TestCase):
         # Get the other contact
         other_contact = domain_info.other_contacts.all().first()
 
-        p = "userpass"
-        self.client.login(username="staffuser", password=p)
+        p = "adminpass"
+        self.client.login(username="superuser", password=p)
 
         response = self.client.get(
             "/admin/registrar/domaininformation/{}/change/".format(domain_info.pk),
@@ -2071,8 +2071,8 @@ class TestDomainInformationAdmin(TestCase):
         domain_request.approve()
         domain_info = DomainInformation.objects.filter(domain=domain_request.approved_domain).get()
 
-        p = "userpass"
-        self.client.login(username="staffuser", password=p)
+        p = "adminpass"
+        self.client.login(username="superuser", password=p)
         response = self.client.get(
             "/admin/registrar/domaininformation/{}/change/".format(domain_info.pk),
             follow=True,
diff --git a/src/registrar/tests/test_migrations.py b/src/registrar/tests/test_migrations.py
index bf3b09d0d..add65105a 100644
--- a/src/registrar/tests/test_migrations.py
+++ b/src/registrar/tests/test_migrations.py
@@ -34,7 +34,6 @@ class TestGroups(TestCase):
             "view_logentry",
             "change_contact",
             "view_domain",
-            "change_domaininformation",
             "add_domaininvitation",
             "view_domaininvitation",
             "change_domainrequest",