diff --git a/atst/models/task_order.py b/atst/models/task_order.py
index 96bf6ebf..64c29e7a 100644
--- a/atst/models/task_order.py
+++ b/atst/models/task_order.py
@@ -221,6 +221,14 @@ class TaskOrder(Base, mixins.TimestampsMixin):
         """
         return self.so_invite and not self.security_officer
 
+    @property
+    def officers(self):
+        return [
+            self.contracting_officer,
+            self.contracting_officer_representative,
+            self.security_officer,
+        ]
+
     _OFFICER_PREFIXES = {
         "contracting_officer": "ko",
         "contracting_officer_representative": "cor",
diff --git a/atst/routes/portfolios/invitations.py b/atst/routes/portfolios/invitations.py
index 5b1bbce6..269ca21d 100644
--- a/atst/routes/portfolios/invitations.py
+++ b/atst/routes/portfolios/invitations.py
@@ -26,7 +26,7 @@ def accept_invitation(token):
     #   - the logged-in user has multiple roles on the TO (e.g., KO and COR)
     #   - the logged-in user has officer roles on multiple unsigned TOs
     for task_order in invite.portfolio.task_orders:
-        if g.current_user == task_order.contracting_officer:
+        if g.current_user in task_order.officers:
             return redirect(
                 url_for(
                     "portfolios.view_task_order",
@@ -34,14 +34,6 @@ def accept_invitation(token):
                     task_order_id=task_order.id,
                 )
             )
-        elif g.current_user == task_order.contracting_officer_representative:
-            return redirect(
-                url_for("task_orders.new", screen=4, task_order_id=task_order.id)
-            )
-        elif g.current_user == task_order.security_officer:
-            return redirect(
-                url_for("task_orders.new", screen=4, task_order_id=task_order.id)
-            )
 
     return redirect(
         url_for("portfolios.show_portfolio", portfolio_id=invite.portfolio.id)
diff --git a/tests/routes/portfolios/test_invitations.py b/tests/routes/portfolios/test_invitations.py
index 4e382127..bcca3023 100644
--- a/tests/routes/portfolios/test_invitations.py
+++ b/tests/routes/portfolios/test_invitations.py
@@ -245,3 +245,77 @@ def test_contracting_officer_accepts_invite(monkeypatch, client, user_session):
         _external=True,
     )
     assert response.headers["Location"] == to_review_url
+
+
+def test_cor_accepts_invite(monkeypatch, client, user_session):
+    portfolio = PortfolioFactory.create()
+    user_info = UserFactory.dictionary()
+    task_order = TaskOrderFactory.create(
+        portfolio=portfolio,
+        cor_first_name=user_info["first_name"],
+        cor_last_name=user_info["last_name"],
+        cor_email=user_info["email"],
+        cor_phone_number=user_info["phone_number"],
+        cor_dod_id=user_info["dod_id"],
+        cor_invite=True,
+    )
+
+    # create contracting officer representative
+    user_session(portfolio.owner)
+    client.post(url_for("task_orders.invite", task_order_id=task_order.id))
+
+    # contracting officer representative accepts invitation
+    user = Users.get_by_dod_id(user_info["dod_id"])
+    token = user.invitations[0].token
+    monkeypatch.setattr(
+        "atst.domain.auth.should_redirect_to_user_profile", lambda *args: False
+    )
+    user_session(user)
+    response = client.get(url_for("portfolios.accept_invitation", token=token))
+
+    # user is redirected to the task order review page
+    assert response.status_code == 302
+    to_review_url = url_for(
+        "portfolios.view_task_order",
+        portfolio_id=task_order.portfolio_id,
+        task_order_id=task_order.id,
+        _external=True,
+    )
+    assert response.headers["Location"] == to_review_url
+
+
+def test_so_accepts_invite(monkeypatch, client, user_session):
+    portfolio = PortfolioFactory.create()
+    user_info = UserFactory.dictionary()
+    task_order = TaskOrderFactory.create(
+        portfolio=portfolio,
+        so_first_name=user_info["first_name"],
+        so_last_name=user_info["last_name"],
+        so_email=user_info["email"],
+        so_phone_number=user_info["phone_number"],
+        so_dod_id=user_info["dod_id"],
+        so_invite=True,
+    )
+
+    # create security officer
+    user_session(portfolio.owner)
+    client.post(url_for("task_orders.invite", task_order_id=task_order.id))
+
+    # security officer accepts invitation
+    user = Users.get_by_dod_id(user_info["dod_id"])
+    token = user.invitations[0].token
+    monkeypatch.setattr(
+        "atst.domain.auth.should_redirect_to_user_profile", lambda *args: False
+    )
+    user_session(user)
+    response = client.get(url_for("portfolios.accept_invitation", token=token))
+
+    # user is redirected to the task order review page
+    assert response.status_code == 302
+    to_review_url = url_for(
+        "portfolios.view_task_order",
+        portfolio_id=task_order.portfolio_id,
+        task_order_id=task_order.id,
+        _external=True,
+    )
+    assert response.headers["Location"] == to_review_url