PCI-DSS is a mostly technical set of controls that applies to any organisation which stores, processes or transmits cardholder data, and to any system component that could affect the security of that data. It is written and maintained by the PCI Security Standards Council (PCI SSC), mandated by the card brands (Visa, MasterCard, etc.) and enforced through the acquiring banks.
Security Awareness Training is an essential, proactive control which allows organisations to get key security messages across to employees.
ISO 27001 is the standard that specifies the requirements for an Information Security Management System (ISMS). It defines a risk-based process that allows organisations to identify their most valuable information assets and to protect them as required. In so doing, organisations can focus on key areas and allocate resources accordingly in a cost-effective manner.