Using a stored procedure doesn't stop people from having access to the table as well though. Although, in SQL2005 you can tell the stored procedure to execute to impersonate an appropriately privileged user, so that you can stop people from accessing the table without going through the stored proc.

But I would actually use a user-defined function instead, so that people can use it in queries. Just like a view in the way you use it, but like stored procedure because you can audit it better.

Rob