After enabling Risk in Identity Portal, we use the Access module to search for users.
Once a user has been selected, a pop up appears about user not being in scope. The user is indeed within scope and found in IM when running a similar search
Release : 14.3
Component : SIGMA-Identity Suite
User Store: RDBMS
Search screen is configured with fields from secondary (not USER) table
IP Access Module search can only support User Managed object attributes which are part of the USER table when Risk is enabled. So, USER attributes from multiple tables are not supported to evaluate risk.