It is necessary for every organization to identify its own weakness and work on patching/covering those weakness before someone else exploits such weakness.
Vulnerability Assessment is one time and tested activity where an organizations security flaws and weakness are reported. This ensure that all the flaws and loopholes are made fully aware to that organization. This helps the organisation to plan the next actions that can be taken to fix these vulnerabilities.
Penetration Testing is done to really understand how much of the reported vulnerabilities really pose a threat to the organization. Penetration testing is one step beyond the vulnerability assessment where you attempt to exploit the found vulnerability of the organization.