I understood there should be companies specializing in security consulting although I have never heard about them. Recently I surfed the net looking for a such company. One of them is WhiteHat . HP and IBM should have something similiar.
This is a right way to delegate security analysis to experts. It is hardly many companies have security professionals internally, isn't?