Penetration testing is methodology to identify the robustness of a security ecosystem by identifying possible vulnerabilities/weakness, exploiting them and reporting it to back the management.
Penetration testing allows an organization to perform:
Security assessment of newly installed products
or patches
Risk validation for a business merger or
acquisition
Regulatory compliance check
Validation of business continuity programs
Due Diligence and required protection of
end-user data
And implement the missing security policy if any
gaps were discovered.