To fix this, I had to create an incident table write ACL that allowed ITIL write permission to incident table and then used the RCA_Status ACL to allow ITIL users write access to that specific field.  Same as needing a key to get in the building before getting in your office. Thanks for your assistance.