I'm a bit surprised that you would have the same security requirements on
the staging tables as a production table.
It seems to me that tables that are part of an application should be
governed by the application security model, and I normally work from having
PUBLIC *EXCLUDE, or *PUBLIC *READ as my preferred model - all other access
being via the application interfaces.
In my experience, staging tables often require lower levels of security -
for example having a specific user having *MANAGE rights, or even the
ability to create a table in the IFS or in a library, so my preference is
to have this "cordoned off" in a separate library.
Or maybe I'm just misunderstanding the usage of the term staging tables in
I can't imagine staging tables with the same layout as production
tables. By that I mean that generally speaking, inbound data isn't
typically normalised. Or free of decimal data errors (commas, decimal
points, minus signs and currency symbols in amounts, slashes or dashes
in dates, etc.) So in my case, I always use different names for the...
raw input as opposed to the final destination, production tables. I
keep them in the same library because they have similar security
requirements. If I don't want someone peeping at birth dates in
production, I probably don't want them peeping at them in a staging
table, no matter how transient that data may be.