As opposed to Penetration Testing services, a Security Assessment is performed through the perspective of a security administrator (rather than a hacker).
In many cases, organizations do not prefer to employ penetration tests because of a myriad of reasons (such as legal, service disruption concerns, or budget). In this case, a Security Assessment can be the optimal choice, as it allows organizations to check the security configurations, database, physical infrastructure… etc, without having to perform a full penetration test.
Simply put, a Security Assessment is the process of securing systems & networks in the mindset of the security administrator.
Hackers always exploit bad configurations, so be ready!