“Provision 29 sets a new standard for board accountability. It requires evidence, not assumptions. Protecht helps boards move from paper compliance to assured governance, building confidence in every control statement.”
– Gary Lynam, Managing Director EMEA, Protecht
Key information and topics covered
Provision 29 of the UK Corporate Governance Code marks a major shift in board accountability.
From January 2026, boards must not only confirm that internal controls exist: they must publicly declare that those controls are effective. Yet many organisations lack a clear view of what “material controls” are, how to test them, and how to evidence performance over time.
This eBook explains what Provision 29 means in practice and how to build a reliable declaration process that meets stakeholder and regulator expectations. Learn how to define materiality, embed control testing into risk management, and provide credible, board-level assurance that risks are being actively managed.
Find out how leading organisations are already applying these principles to strengthen governance and competitive advantage.
Whether you’re a listed company preparing for 2026 or adopting UK best practice voluntarily, this guide will help you turn compliance into confidence and prove your controls work.
What you will learn
- Interpret Provision 29 and understand what “material controls” mean in practice
- Benchmark your internal control maturity against governance expectations
- Design a roadmap from risk registers to real, evidenced assurance
- Build quarterly testing and evidence cycles that support year-end declarations
- Engage boards and committees in meaningful oversight and challenge
- Use Protecht to connect risk, assurance and reporting in one system
Who should read
- Board members & executives: Gain visibility and confidence ahead of the new control declaration
- Risk, audit & compliance leaders: Replace manual testing with structured, repeatable assurance
- Governance and company secretariat teams: Align reporting and board governance with Provision 29 expectations
- Internal control and assurance functions: Benchmark maturity and plan improvements across design and testing
How Protecht helps
- Structured control library aligned to COSO and ISO 31000: Standardise control design and testing across the organisation
- Risk–control mapping: Demonstrate top-down alignment between strategy, risks and assurance activities
- Simplified testing and real-time dashboards: Track control effectiveness and remediation progress continuously
- Provision 29 maturity checklist: Evaluate readiness and identify gaps across risk identification, control design and assurance – download now
