ATP 2.0 permits the last remaining admin role account to remove itself from the admin role
Article ID: 162726
Advanced Threat Protection (ATP) Platform 2.0 allows you to edit the role of your only admin account to that of a non-admin role. When that user logs off, ATP is then left without a user who can perform administrator duties.
Workaround: Do not change the role in the user account of your only administrator.