Third-Party Security Audits

I'm a (young) sysadmin who is responsible for a relatively small (~ 30 employees, ~ 30 Desktops, ~5 notebooks, 2 Offices) company. We mostly live in Windows land (Windows 10 machines, most people use Office 365 for their jobs).

I'm quite happy with what we've built so far, but I also know I probably have a personal bias towards my work.

Hence I'd like to hear opinions and recommendations regarding companies that do security audits. What are the most famous companies that perform this sort of work? Is it useful? Is there any standard seal / certificate regarding IT office security? I've searched a bit and asked around, but couldn't find anything beyond "That stuff is expensive!".

Any help is appreciated!