diff --git a/classes/security/authorization/internal/SubmissionCompletePolicy.inc.php b/classes/security/authorization/internal/SubmissionCompletePolicy.inc.php
new file mode 100644
index 00000000000..19084fa05ee
--- /dev/null
+++ b/classes/security/authorization/internal/SubmissionCompletePolicy.inc.php
@@ -0,0 +1,60 @@
+<?php
+/**
+ * @file classes/security/authorization/internal/SubmissionCompletePolicy.inc.php
+ *
+ * Copyright (c) 2014-2024 Simon Fraser University
+ * Copyright (c) 2000-2024 John Willinsky
+ * Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
+ *
+ * @class SubmissionCompletePolicy
+ * @ingroup security_authorization_internal
+ *
+ * @brief Class to control access to workflow only for complete submissions
+ *
+ */
+
+import('lib.pkp.classes.security.authorization.DataObjectRequiredPolicy');
+
+class SubmissionCompletePolicy extends DataObjectRequiredPolicy {
+
+	/**
+	 * Constructor
+	 * 
+	 * @param PKPRequest 	$request 					The PKP core request object
+	 * @param array 		$args 						Request parameters
+	 * @param string 		$submissionParameterName 	The request parameter we expect the submission id in.
+	 * @param string 		$operation 					Optional list of operations for which this check takes effect. If specified, 
+	 * 													operations outside this set will not be checked against this policy
+	 */
+	function __construct($request, &$args, $submissionParameterName = 'submissionId', $operations = null) {
+		parent::__construct(
+			$request,
+			$args,
+			$submissionParameterName,
+			'user.authorization.submission.incomplete.workflowAccessRestrict',
+			$operations
+		);
+
+		AppLocale::requireComponents(LOCALE_COMPONENT_PKP_USER);
+	}
+
+
+	//
+	// Implement template methods from AuthorizationPolicy
+	//
+	/**
+	 * @see DataObjectRequiredPolicy::dataObjectEffect()
+	 */
+	public function dataObjectEffect() {
+		$submissionId = $this->getDataObjectId();
+
+		$submissionDao = DAORegistry::getDAO("SubmissionDAO"); /** @var SubmissionDAO $submissionDao */
+		$submission = $submissionDao->getById($submissionId);
+
+		if ($submission->getData('submissionProgress') > 0) {
+			return AUTHORIZATION_DENY;
+		}
+		
+		return AUTHORIZATION_PERMIT;
+	}
+}
diff --git a/locale/en_US/user.po b/locale/en_US/user.po
index 9491815994b..b7e80911c9c 100644
--- a/locale/en_US/user.po
+++ b/locale/en_US/user.po
@@ -66,6 +66,9 @@ msgstr "You don't currently have access to that stage of the workflow."
 msgid "user.authorization.workflowStageRequired"
 msgstr "A workflow stage was not specified."
 
+msgid "user.authorization.submission.incomplete.workflowAccessRestrict"
+msgstr "Workflow access for incomplete submission is restricted."
+
 msgid "user.authorization.pluginRequired"
 msgstr "A plugin was not specified and is required."
 
diff --git a/pages/workflow/PKPWorkflowHandler.inc.php b/pages/workflow/PKPWorkflowHandler.inc.php
index 14152fc1aaa..526a675af6a 100644
--- a/pages/workflow/PKPWorkflowHandler.inc.php
+++ b/pages/workflow/PKPWorkflowHandler.inc.php
@@ -49,6 +49,9 @@ function authorize($request, &$args, $roleAssignments) {
 
 			$this->markRoleAssignmentsChecked();
 		} else {
+			import('lib.pkp.classes.security.authorization.internal.SubmissionCompletePolicy');
+			$this->addPolicy(new SubmissionCompletePolicy($request, $args, 'submissionId'));
+
 			import('lib.pkp.classes.security.authorization.WorkflowStageAccessPolicy');
 			$this->addPolicy(new WorkflowStageAccessPolicy($request, $args, $roleAssignments, 'submissionId', $this->identifyStageId($request, $args), WORKFLOW_TYPE_EDITORIAL));
 		}