Internal Auditors tend to work at large companies and are responsible for ensuring that corporate computers are compliant to internal security mandates and external regulations, such as Sarbanes-Oxley, HIPAA, PCI, etc.
External Auditors are typically consulting firms or professionals specializing in audit & compliance. They act on behalf of a company to provide an external assessment of how a company is adhering to their internal security mandates and external compliance regulations. They typically report their findings back to the CIO or CFO, acting as a second set of eyes on how well the IT department is doing their job.
Managed Services Providers, or MSP's are IT companies who specialize in managing the IT infrastructure of their customers. They are responsible for a defined set of services provided to their customers either proactively or as they determine the services are needed.