The services trust portal holds the audit and compliance reports for Microsoft Cloud Services. At this point the Azure commercial penetration test report which you have downloaded is the one present for auditing azure cloud services as a whole. The report was updated on 11th nov 2019 and published on 7th feb on the services trust portal . There is no new report published for azure commercial after that date.
As for your original request about Micorosft Identity Manager 2016 , we do not have a pen testing report for this product which can be shared publicly . Internal audits and checks are done using strict Security development practices for all of our products and MIM 2016 goes through the same rigorous checks. I would suggest you to install all the latest updates for the Microsoft Identity Manager 2016 and you should not see any issues. However considering the world of cybersecurity nothing is 100% secure and if you find anything in your audit/pen testing of MIM 2016 components , we would request you to report it to our Microsoft Security Response Center and we will help you with the same.
You can raise an issue on the MSRC portal using the link as shown above if you find something problematic in your private audit of the product . At this point , unfortunately we do not have any public report on MIM 2016 to share on this with you . Hope this clarifies your query. In case the information is helpful , please do accept the post as answer so that it helps other members of the community with similar questions. Should you have any further questions on this, do let us know and we will be happy to help further.
Thank you.