If you already have other equipment which uses RADIUS, this is propably your best bet. Otherwise, I'd prefer TACACS+ as I like simple yet flexible protocols and Cisco's implementation of TACACS+ is more mature than Cisco's Radius implementation. Furthermore, because TACACS+ runs over TCP instead of UDP as it is the case with RADIUS, the transport is more reliable and less sensitive to disruption of the lower layers. This becomes important when the AAA protocol run over slow WANs.
TACACS+ separates authentication and authorization, whereas RADIUS provides a user profile with the authentication which defines all the user-specific parameters. The separation allows you to e.g. user Kerberos authentication together with TACACS+ authorization.