Of course, all the KPMG audit really says is "GeoTrust has a policy about checking the documentation of people who request certificates", and there's part of the problem: there's no way for a CA to make an attestation that they've implemented the technology competantly, because no third party will certify that attestation.
The person who manages to get their "Live Chat" people to respond to questions about this (perhaps by asking as a "prospective customer concerned about stories in the news") is going win a Hacker News karma bonanza.