Quoted:
Is there a specific regulation that you're auditing against? Network penetration test or something else?
Most of the large technology providers have customer audit & assessment teams, so if you need something simple and already have an account rep with Dell, HP, VMWare, Cisco, etc. I'm sure they would sell you one.
If not, there are plenty of smaller shops that offer more a vulnerability assessment service and provide reports as wintermute described at a very affordable rate depending on the scope.
Aside from the smaller shops option, most of them use "Nessus" or one of the other free scanners maybe slightly modified.
The scan can be done by yourself. (Be careful doing it from home, some providers may spot it and shut off your home Internet.)
That said, the above is very true, you really need to figure out what you are addressing before bothering with it. You can get caught up in all kinds of smoke and mirrors and miss important things, and every scan will have false postitives... if you have a nervous nancy of some kind in power you may be starting a shitstorm that never stops. You will need to count on several hours of Googling to make sure you understand the ramifications (and can show it's a false positive) of each item, and then have people looking at the reports that can actually read....
Avoid the whole thing if you can.