I'd like to thank the relevant parties (*waves at StartCom*) for bringing an important correction to my notice.
I previously followed somebody else's summary of the Mozilla CACert inclusion battle, rather than reading the 135 entries on the official Mozilla bug for the matter. More importantly, their summary unfortuntely lead me to make a bad conclusion (probably aided by a lack of sleep on my part when writing up my presentation on the morning of BarCamp, due to the cold, hard, concrete floors), which was the statement "CACert audit by 'We!' funded by StartCom".
This was brought to my attention this morning, and I slogged through the bug mentioned as well as other sources, and found that StartCom was audited by We! Consulting, and the same was only suggested for CACert. According to one source that commented on my previous post, CACert refused We! Consulting, but I can find nothing else to back up that statement. However, I do find nothing to indicate that they presently have anybody lined up to audit them. I'd like to repeat that for good measure however - CACert is not being audited presently, nor is any audit of them being funded by StartCom.
Some other research on the matter provides the following links from the CACert wiki, which include a TODO list on CACert's audit process (in short - not yet, there's still paperwork on CACert's side in the way); as well as an invitation page listing CACert's criterion for an auditor.