First, to use chrooting, you will have to build a new patched SSH daemon that supports chrooting:
1) That is not easy to predict, normally there should be no risk as the chroot script just adds a few directories and files to the users directory.
2) New and updated sites.
4) First you will have to install suphp:
and then enable SuPHP in ISPConfig. Afterwards you will be able to specify a custom php.ini in the apache directives field with a suphp directive.