A data breach or ransomware or any type of malicious hack onto your systems is very serious. 60% of businesses that suffer a cyber attack are out of business within six months*. So we're talking about your business. Your livelihood. Your reputation.
If by "that" you mean IT maintenance and help desk support, great. But if by "that" you mean managing your cyber risk and vulnerabilities and your legal responsibilities to your clients and government and state agencies, not good.
No way. We want to work with your IT department or partner. We should work together to make your systems as secure as they should be. However, keeping all of your cyber risk under IT is very bad idea (see above).
Your first step should be to have a conversation with your IT department or contractor and say that you are subscribing to a "separation of concerns" for IT and cyber security. You should tell them that because of what you have to lose (see "What do I have to lose" above), you need to implement some checks and balances and that you are going to have a third party perform audits and assessments from time to time - we recommend at least once per quarter.