RACF security considerations for caching of dynamic SQL statements

Dynamic statements can be cached when they have passed the authorization checks.

If dynamic statement caching is enabled on your system, dynamic statements can be cached when they have passed the authorization checks. If the privileges that this statement requires are revoked from the authorization ID that is cached with the statement, then this cached statement must be invalidated. If the privilege is revoked in the exit routine this does not happen, and you must use the SQL statements GRANT and REVOKE to refresh the cache.