Diffstat (limited to 'doc/share')
-rw-r--r-- doc/share/authz/POLICY.md 53
-rw-r--r-- doc/share/authz/README.md 6
2 files changed, 56 insertions, 3 deletions
diff --git a/doc/share/authz/POLICY.md b/doc/share/authz/POLICY.md
index eccf362..16a0a57 100644
--- a/doc/share/authz/POLICY.md
+++ b/doc/share/authz/POLICY.md
@@ -47,6 +47,59 @@ PaC policy engine characteristics:
---------
```
+Selection Criteria:
+
+* Alignment
+ - Technical Capabilities of team.
+ - Internal strategy for how tools and applications are adopted/managed.
+ - Fits the need and internal standards driving the decision
+ - Primary use cases match our use cases
+* Analytics
+ - logging
+ - metrics
+ - auditing
+* Automation
+ - CI/CD Pipelines
+ - Automated Deployments
+* Documentation
+ - Examples
+ - Patterns
+ - Understandable
+* Adoption
+ - Who is using this?
+ - How much adoption has this project seen?
+ - Active?
+ - Project Maturity
+ - Support Model
+ - Intuitive
+* Complexity
+ - Installation
+ - Deployment
+ - Configuration
+ - Operation Modes (server, library, CLI)
+* Reporting
+ * Standard reporting tools e.g. [OSCAL](https://pages.nist.gov/OSCAL/)
+* Security
+ * Risks, vulnerabilities
+ * Tools and processes for security issue discovery
+* Extensibility
+ * Can custom code be written to extend the language.
+
+Scorecard
+
+| Selection Criteria | Casbin | Cedar | Rego |
+| ------------------ | ------ | ----- | ---- |
+| Alignment | | | |
+| Analytics | | | |
+| Adoption | | | |
+| Automation | | | |
+| Documentation | | | |
+| Complexity | | | |
+| Reporting | | | |
+| Security | | | |
+| Extensibility | | | |
+| Total | | | |
+
## Security Context/Scope
1. Single resource
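Review bot: The Scorecard table defines no scoring scale and no rule for how the `Total` row is computed, so two people filling in the Casbin, Cedar and Rego columns would not produce comparable results. State the scale and whether criteria are weighted directly under the `Scorecard` line; the `Security` criterion in particular ("Risks, vulnerabilities") needs a stated basis for its score. The table rows also follow a different order from the Selection Criteria list (Adoption sits before Automation and Documentation in the table, after them in the list), and the sub-bullets switch from `-` to `*` starting at Reporting; aligning both keeps the list and table in step. `Selection Criteria:` and `Scorecard` are plain lines while the file uses `##` headings such as `## Security Context/Scope`; consider making them headings too.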
diff --git a/doc/share/authz/README.md b/doc/share/authz/README.md
index b052ea8..75c7757 100644
--- a/doc/share/authz/README.md
+++ b/doc/share/authz/README.md
@@ -13,10 +13,10 @@ identity of subjects and/or groups to which they belong.
* [What is a policy?](./POLICY.md)
* Policy Language Evaluation
- * Zanzibar
- * [Dafny](https://dafny.org/)
- * Cedar
* Casbin
+ * Cedar
+ * [Dafny](https://dafny.org/)
+ * Rego
Criteria for evaluating policy languages:
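Review bot: The evaluation list now names Casbin, Cedar, Dafny and Rego, but the Scorecard added to POLICY.md in this same commit has columns only for Casbin, Cedar and Rego. Either add a Dafny column there or note here why Dafny is listed but not scored. The hunk also drops `Zanzibar` with no explanation in the visible text; a short note on why it left the evaluation would help later readers. Dafny is the only entry with a link, so consider linking the other three for consistency.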