An effectiveness review verifies whether an implemented corrective action has actually resolved the underlying problem. ISO 27001 Clause 10.1 requires that the effectiveness of corrective actions be evaluated. Methods range from retesting and audit sampling to analyzing whether similar incidents recur. In an ISMS, you document the effectiveness review in the CAPA register. Without this check, you have no assurance that your corrective action is working or merely papering over the issue.