Case File · Study Guide

RMS Data Migration & Integration

Interview Ready
SubjectAxon Records / Evidence
RoleSr. Solutions Architect
Objective AAbsorb client data into RMS
Objective BConnect on-prem RMS to cloud
TL;DR — read this twice
  • This role is really two jobs: (1) migrating legacy agency data into Axon Records/Evidence, and (2) architecting durable cloud-to-on-prem integrations where the agency keeps its legacy RMS.
  • Master three domains: migration methodology (ETL/ELT, phased vs. big-bang vs. parallel run, hash-based reconciliation), the law-enforcement data-standards stack (NIEM/LEXS, NIBRS, CJIS v6.0, N-DEx), and hybrid integration patterns (REST/OAuth2 APIs, iPaaS vs. ESB, queues/webhooks, private connectivity).
  • Know cold: Axon Records is cloud-native, CAD-agnostic, and NIBRS-compliant, built on Axon Evidence; hosted on a mix of Azure + AWS; CJIS-compliant and FedRAMP High; integrations run through a REST Partner API (OAuth2/OIDC + JWT) with HMAC-signed webhooks.
  • Every behavioral answer: STAR method, mapping your Oracle/enterprise migration experience onto CJIS-regulated, 24/7, mission-critical constraints.
  • Have a tight, numbered answer ready for "how do you reverse-engineer an undocumented legacy database" — see Section 03 for the full 8-step workflow.
01

Legacy RMS Landscape

Every legacy vendor story is a consolidation story — and most are actively sunsetting on-prem products, which is exactly what's forcing agencies to Axon right now.

VendorKey ProductsNotes
CentralSquareTriTech, Superion, Zuercher, OSSI, Tiburon, IMCDominant in large-city/county CAD; actively sunsetting legacy lines
Tyler TechnologiesNew World (RMS/CAD), BrazosCommon mid/large agency footprint
Motorola SolutionsPremierOne, Spillman Flex, CommandCentralSpillman ran both Windows & Unix historically
HexagonHxGN OnCallLarge CAD deployments
Mark43Cloud-native RMS/CADAxon competitor; also an Axon Fusus integration partner; runs on AWS GovCloud
Know cold

Backends are almost always Oracle or SQL Server. Expect free-text narrative fields, scanned-document blobs, proprietary schemas, and little to no documentation.

Data domains & their migration pain points
  • Incident/offense reports — free-text narratives, officer/participant links, NIBRS coding differs by legacy system.
  • Arrests & bookings — charge codes must crosswalk to state + NIBRS codes; mugshots are binary attachments needing metadata linkage.
  • Evidence/property — chain-of-custody integrity is paramount.
  • Warrants — active vs. served/cleared status, often tied to NCIC.
  • Case management — investigative files linking multiple incidents/people/evidence.
  • Master Name Index (MNI) — the hardest artifact: one person repository referenced by every module, riddled with duplicates ("John Doe" vs "John A. Doe").
  • NIBRS/UCR crime data — must stay reportable across the SRS→NIBRS boundary.
Calgary Police Service migrated nearly four million criminal case-file records off a system used for more than 40 years, using staged go-lives and reconciliation checkpoints at every step. — Uta Fox, CRM, ARMA Magazine (March 2019)
02

Migration Methodology

ETL vs. ELT vs. CDC

ETL (transform before loading) fits RMS migration best — the target has a rigid schema and needs heavy business-rule transformation. ELT suits analytics/data-lake modernization more than a structured RMS target. Change Data Capture (CDC) streams source changes to keep old and new systems synced for near-zero-downtime cutover.

Choosing a cutover strategy

StrategyBest forRiskDowntime
Big bangSmall agencies, clean dataHighShort window
Phased / incrementalLarge agencies, by module or date rangeLowerLonger, spread out
Parallel runMission-critical 24/7 operationsLowestNone until validated (60–90 day overlap)

Best practice: a hybrid — big bang for low-risk data, phased/parallel for the mission-critical core. Always pilot with a low-complexity workload first.

Mapping, cleansing, and validation

  • Field-level crosswalks: agency/state offense codes ↔ NIBRS Group A/B codes; charge codes ↔ state DOJ/CJIS codes.
  • Dedup: profile data quality first, then run entity resolution (name + DOB + address + phone) to collapse duplicates into golden records — records staff should adjudicate ambiguous merges.
  • Unstructured data: carry free text and scans across as attachments with preserved metadata even when they can't be parsed into fields.
  • Reconciliation: row counts and control totals at every checkpoint, plus cryptographic hash comparison (SHA-256) to prove files transferred intact.
Interview alert

Expect: "An agency on a 20-year-old Oracle RMS can't tolerate downtime — walk me through your approach." Answer arc: profile → map/crosswalk → build a conversion test environment → phased/parallel run with CDC → reconcile via counts + hashes → UAT sign-off → weekend cutover with go/no-go and rollback → post-migration hypercare.

Rollback planning

Define go/no-go criteria and rollback triggers before cutover. Keep the legacy system as the system of record until reconciliation passes fully.

03

Mapping Undocumented Legacy Databases

Every RMS migration starts here: a database nobody currently at the agency fully understands. This is a repeatable, provable workflow rather than guesswork — treat it as an investigation, not a reading exercise.

Interview alert

This maps directly onto: "Walk me through how you'd analyze an undocumented client RMS to determine where all the data lives before making changes." Walk the interviewer through the numbered workflow below in order — it reads as a methodology, not a war story.

The workflow, in order

  1. Pull the metadata first. Every RDBMS exposes its own schema via system catalogs before you touch a single row of data: INFORMATION_SCHEMA, sys.tables, sys.columns, sys.foreign_keys on SQL Server; ALL_TABLES, ALL_TAB_COLUMNS, ALL_CONSTRAINTS, DBA_DEPENDENCIES on Oracle; information_schema, pg_constraint, pg_depend on Postgres. Extract full DDL for every table, view, procedure, and trigger. Even where foreign keys were never enforced — extremely common in old systems, where devs skipped FK constraints for performance — naming conventions (cust_id, CustomerID, fk_customer) give a first-pass relationship map.
  2. Generate a visual ER diagram automatically. Don't hand-draw this. SchemaSpy, DBeaver's built-in ER view, or ER/Studio crawl catalog metadata and produce a diagram in minutes, including inferred relationships from naming patterns even where constraints don't exist. This gives a skeleton to correct rather than a blank page.
  3. Profile the data to infer relationships that aren't declared. Run cardinality and value-containment checks — does orders.customer_id actually contain a subset of values from customers.id? That's a strong FK signal even without a constraint. Null rates and distinct counts reveal whether a column is a real foreign key, a denormalized cache, or dead legacy cruft. This turns "I think these tables are related" into "I can prove these tables are related."
  4. Instrument live traffic, not just structure. Static schema shows what could relate; it doesn't show what actually happens. Turn on SQL Server Extended Events/Profiler, Oracle SQL Trace/AWR/ASH, or general query logging for a day or two of normal operation. Watching real SELECT/JOIN/UPDATE statements fire is often the fastest way to find true data flow.
  5. Grep the application layer, not just the database. Business logic usually lives half in the database (stored procs, triggers, views) and half in application code (ORM models, embedded SQL, config files). Search the codebase for table names once you have them. DBA_DEPENDENCIES / sys.sql_expression_dependencies shows which procs/views touch which tables — a fast dependency graph without reading every line of code.
  6. Work backward from known outputs. Rather than mapping the whole database forward, pick a report, dashboard, or screen the business actually relies on and trace it backward — what view feeds it, what tables that view joins, what those tables' upstream sources are. This is usually faster than mapping everything, and it naturally prioritizes the tables that matter for the migration instead of the dead weight most legacy systems accumulate.
  7. Talk to the humans who touch the data. The person with the most institutional knowledge on an old system is rarely IT — it's the records clerk or power user who's run the same report for 15 years and knows exactly which field is unreliable and why. A 20-minute conversation can save days of forensic SQL work.
  8. Document incrementally, as a living artifact. Build a data dictionary/lineage doc as you go — table → purpose → key relationships → known quirks — even if it's rough. The documentation becomes a deliverable in its own right and keeps you from re-discovering the same table three times.
Know cold

At scale, automated data-lineage tools (Manta, Collibra, or open-source OpenLineage/Marquez) can perform steps 3–5 continuously across an enterprise. For a single legacy RMS, the manual workflow above is usually faster and gives you a methodology you can speak to concretely in an interview.

04

Standards & Compliance

This is the part most likely to get quizzed directly — get these facts precisely right.

StandardFull nameWhat it governsKey fact
NIEMNational Information Exchange ModelEnterprise data-exchange grammar (DOJ/DHS/HHS)Superseded the legacy GJXDM standard
LEXSLogical Entity eXchange SpecsNIEM-based family of IEPDs for sharing LE dataLEXS 3.1 is based on NIEM 2.0; used by N-DEx
LEITSCLE Info Technology Standards CouncilFunctional spec baseline for RMS/CADBuilt with IACP, NSA, NOBLE, PERF, IJIS
NIBRSNational Incident-Based Reporting SystemFBI crime-reporting modelEliminated the hierarchy rule; up to 10 offenses/incident
CJIS v6.0CJIS Security PolicyCloud/vendor handling of Criminal Justice InfoReleased Dec 27 2024; mapped to NIST 800-53 Rev. 5
N-DExNational Data ExchangeFBI/CJIS cross-agency data sharingUses NIEM, LEXS, and its own IEPD (v2.1.1)
Know cold
  • NIBRS replaced the old Summary Reporting System (SRS), which only counted the single most serious offense per incident. The FBI went NIBRS-only in 2021, then reversed and now accepts both SRS and NIBRS.
  • Each state has its own NIBRS flavor — local systems must extract and format the NIBRS-required subset for state UCR submission.
  • CJIS v6.0 introduces P1–P4 priority tiers across 20 policy areas; MFA is a P1 control, auditable since October 1, 2024.
  • Encryption must use FIPS 140-validated modules, in transit and at rest — plain TLS alone doesn't satisfy CJIS.
  • Audit logs must be retained for 365 days minimum. Cloud vendors must sign the CJIS Security Addendum.
05

Integration Architecture

For objective (2) — the agency keeps its on-prem RMS, and you connect it to Axon's cloud.

iPaaS vs. ESB — a likely whiteboard question

  • ESB — on-prem hub-and-spoke (IBM MQ, TIBCO, Oracle Service Bus). Strong for legacy SOAP/JMS, high-throughput on-prem messaging. Heavy, slow to change.
  • iPaaS — cloud-native, API-first, elastic, webhook-ready (MuleSoft Anypoint, Boomi, Workato). The right default for connecting cloud SaaS to on-prem via secure tunneling agents.

Senior framing: recommend iPaaS/API-led for new work; retain/wrap the ESB only for legacy SOAP/MQ constraints, and run it in parallel during a 60–90 day decommission window.

Messaging, connectivity, and data strategy

  • Queues for reliable async sync with dead-letter handling; webhooks for event-driven push; batch/SFTP still valid for bulk historical loads.
  • Private connectivity: site-to-site VPN, or Direct Connect/ExpressRoute-style private circuits — all must satisfy CJIS FIPS-validated encryption.
  • Replication vs. federation: replication copies data to the cloud (supports analytics, raises duplication concerns); federation queries in place (less duplication, latency depends on source). For "connect without migrating," federation plus selective replication of what Axon needs is often the sweet spot.
  • CAD-to-RMS: must be low-latency — Axon's own CFS feed lands in Records within 3–5 minutes.
06

Axon Ecosystem

Axon-specific

Axon Records is cloud-native, CAD-agnostic, and fully NIBRS-compliant, built on top of Axon Evidence (Evidence.com). First deployed at Fresno PD (2019); Oklahoma City PD is a flagship modernization story.

ComponentWhat to know
HostingMix of Microsoft Azure and AWS, both CJIS-compliant; historically Azure-primary; government workloads on Azure Government (FedRAMP High, DoD IL4/IL5)
ComplianceFedRAMP High via the Joint Authorization Board (Dec 20, 2022) across Evidence, Respond, and Records; CJIS-compliant for over a decade
Partner APIREST over TLS 1.2+, OAuth2/OIDC + JWT; credentials = Client ID, Client Secret, Partner ID; default-deny per-resource permissions
Migration toolingXTMT (CLI migration tool), Axon Channel Services (AFE-assisted SOW migration with hash-verified transfers)
WebhooksHMAC-signed, async, sample consumer published on GitHub
CAD / CFSThird-party CAD data lands in Records within 3–5 minutes; queryable in the Axon Records DataStore
NIBRS submissionReal-time validation engine; state-specific Master Charge Table maps offenses to NIBRS/UCR/CJIS codes

Note: a competitor blog claims Evidence is "exclusively AWS" — Axon's own current statement describes a mixed Azure + AWS model. Describe it as multi-cloud if asked, rather than committing to one.

07

Interview Prep

Likely question themes

  • How do you decide big-bang vs. phased vs. parallel? (→ function of agency size, downtime tolerance, data risk)
  • Design a connection where the agency keeps its on-prem RMS. (→ API-led/iPaaS + event-driven sync over private connectivity; replication vs. federation per data domain)
  • How do you guarantee data integrity and chain of custody? (→ SHA-256 hashing end to end, reconciliation checkpoints, immutable audit logs)
  • How do you handle CJIS during migration? (→ FIPS-validated encryption, MFA, audit logging, signed Security Addendum, least privilege)
  • How do you handle resistance from records staff and officers? (→ involve them early as SMEs, especially for dedup adjudication; train heavily; pilot; create champions)

STAR framing with your background

Translate "enterprise Oracle migration" into "mission-critical, 24/7, regulated data" — the constraints map directly. Prepare 3–4 reusable stories: a downtime-minimizing cutover, a data-integrity save, a difficult stakeholder you converted, and a build-vs-integrate architecture decision. Quantify results wherever you can: records migrated, reconciliation accuracy, downtime achieved, adoption rate.

08

Study Plan

Stage 1 — Highest ROI

Memorize the NIBRS story, the CJIS pillars, and the migration strategy trade-offs. Most likely to be tested, easiest to get precisely right.

Stage 2 — Axon specifics

Be able to sketch Records on Evidence, hosted on Azure/AWS, CJIS + FedRAMP High, integrated via REST/OAuth2 with hash-verified migration tooling.

Stage 3 — Whiteboard practice

Rehearse the "keep the on-prem RMS, connect to Axon" scenario out loud — choose iPaaS over ESB, replication vs. federation, name CJIS controls at each hop.

Stage 4 — Stories & questions

Prepare quantified STAR stories. Ask about their Channel Services delivery model and state-by-state NIBRS certification process.

09

Caveats

  • Cloud-hosting sources conflict — treat Axon's own "mix of Azure and AWS" statement as authoritative.
  • Exact Partner API endpoint schemas are behind login; don't overclaim specific paths.
  • Market-size and vendor-share figures vary by research firm — use directionally.
  • This is a no-coding interview — prioritize architecture, methodology, and standards over syntax.