Cloud Native requires a rethinking of traditional governance and security models. Instead of manual controls and fixed processes, the focus shifts to automation, policy as code and shift left security, where security is addressed early in the development phase. Roles and responsibilities change: development teams take more ownership of compliance and security, while governance focuses on frameworks, monitoring and continuous improvement. Access management also evolves, moving from network boundaries to identity, context and zero trust principles. By translating policies into automated rules and controls, governance remains effective and scalable in a dynamic Cloud Native environment.