FIPS Validation for FedRAMP Authorization

All Let's Encrypt CA Keys (both root and intermediate) are required to be stored solely on (and therefore, can only issue certificates from) FIPS-140-2 level 3 validated HSMs. This requirement is audited by the "WebTrust Principles and Criteria for Certification Authorities - SSL Baseline with Network Security - Version 2.6", which can be accessed from this page; you can see the requirement on Page 24, Principle 3, Criterion #11. In turn, Let's Encrypt is audited according to those criteria, and the most recent audit report can be accessed from this page. (Note that, as discussed in the other thread, the requirement does specifically contain the word "validated".) We would not be passing that audit if any of our keys were stored, or any of our certificate issuance was occurring, anywhere other than on a FIPS-140-2 level 3 (or better) HSM.

This should provide enough information to satisfy the auditors. Specifically, it directly addresses questions 2 (yes), 3 (N/A), and 5 (yes), and makes questions 1 and 4 irrelevant. If it does not, please provide additional information regarding why the auditors believe the WebTrust audit regime is insufficient for their purposes.