The term "De-Mail" is used in Germany to describe a secure and trusted communications infrastructure that is currently under construction. De-Mail can be used to send messages or documents reliably and protected from modification within a secure communications space. All De-Mail addresses correspond to communication partners whose identity has been verified. The operation of this infrastructure within a secure information domain is being handled by De-Mail service providers (DMDAs). To ensure the fully functional and secure operation of De-Mail, it is essential that all DMDAs fulfil certain security requirements and therefore comply with performance characteristics as specified by the Federal Office for Information Security (BSI). Security targets are audited as part of certification to ISO 27001 on the basis of IT-Grundschutz.

The audit is completed by a certified De-Mail Auditor and takes place on the premises of the DMDA to be audited.

This certification requires individuals to be certified as an "Audit team leader for certification to ISO 27001 on the basis of IT-Grundschutz". This means that, to be accepted for the certification process, each De-Mail Auditor must be in possession of a valid audit team leader certificate and have completed at least three full certification audits in relation to ISO 27001 on the basis of IT-Grundschutz.