In creating a new database, the client wants to mirror it from an existing database. 

The client has access to defining resource profiles within class CHA1VIEW, however, they do not have complete access to some of the resources to clone them.

With that, what is the best way to architect the external security for a new database?

Should the View security administrator define the resources, and provide access to the RACF administrator, to update the REPT and VIEW resources? 

View manages security with a single security class, CHA1VIEW, and 14 resource types. 

The View administrator should be the one to define and own the resources, and provide access to others, including the RACF admin.  

Of the 14 resources, REPT (for reports) and VIEW (for logical views) are important. 

However, also of importance is the DBAS resource (for SARDBASE functions).