diff --git a/src/pages/(admin)/Lists/ExamList.tsx b/src/pages/(admin)/Lists/ExamList.tsx
index 15c00245..7d363ca6 100644
--- a/src/pages/(admin)/Lists/ExamList.tsx
+++ b/src/pages/(admin)/Lists/ExamList.tsx
@@ -61,7 +61,7 @@ export default function ExamList({
   // Pass this permission filter to the backend later
   const filteredExams = useMemo(
     () =>
-      ["admin", "developer"].includes(user.type)
+      ["admin", "developer"].includes(user?.type)
         ? exams
         : exams.filter((item) => {
             if (
@@ -73,7 +73,7 @@ export default function ExamList({
               return false;
             return true;
           }),
-    [canViewConfidentialEntities, exams, user.type]
+    [canViewConfidentialEntities, exams, user?.type]
   );
 
   const parsedExams = useMemo(() => {
diff --git a/src/utils/permissions.ts b/src/utils/permissions.ts
index 1f6f33aa..c24f51f4 100644
--- a/src/utils/permissions.ts
+++ b/src/utils/permissions.ts
@@ -54,11 +54,11 @@ export function groupAllowedEntitiesByPermissions(
 		const userEntity = userEntityMap.get(entity.id);
 		const role = userEntity
 			? roleCache.get(userEntity.role) ??
-			  (() => {
-				  const foundRole = entity.roles.find(r => r.id === userEntity.role) || null;
-				  roleCache.set(userEntity.role, foundRole);
-				  return foundRole;
-			  })()
+			(() => {
+				const foundRole = entity.roles.find(r => r.id === userEntity.role) || null;
+				roleCache.set(userEntity.role, foundRole);
+				return foundRole;
+			})()
 			: null;
 
 		permissions.forEach(permission => {
@@ -75,7 +75,7 @@ export function groupAllowedEntitiesByPermissions(
 export function findAllowedEntities(user: User, entities: EntityWithRoles[], permission: RolePermission) {
 	if (["admin", "developer"].includes(user?.type)) return entities
 
-	const allowedEntities = entities.filter((e) => doesEntityAllow(user, e, permission))
+	const allowedEntities = (entities ?? []).filter((e) => doesEntityAllow(user, e, permission))
 	return allowedEntities
 }