Who dismissed the user risk?

I have several users who have had their risk status dismissed in Azure. Some of them have a risk detail of 'Admin dismissed all risk for user', and some of them are blank. 

I have read that if Azure automatically dismissed the risk, then it would read something like 'Azure AD Identity Protection assessed sign-in safe'. 

However, when I check the risk detail for these entries there is nothing, just '-' (see image).

How do I find out who/what dismissed the risk, and where do I audit these events? I can find nothing in the Azure Audit logs for the user accounts in question.  

I have read that it could be down to our risk policies, but where would I find what policy (if any) has been triggered? And surely I could still audit these events in the audit logs?