@prakharmahe 

you can run a fix script for this in DEV first and then once good run in UAT, PROD

var WATCHLIST_GROUP_SYS_ID = 'PUT_YOUR_GROUP_SYS_ID_HERE';
var COMPANY_SYS_ID = 'PUT_YOUR_COMPANY_SYS_ID_HERE'; // optional
var updated = 0;

var members = [];
var memberGR = new GlideRecord('sys_user_grmember');
memberGR.addQuery('group', WATCHLIST_GROUP_SYS_ID);
memberGR.addQuery('user.active', true);
memberGR.query();

while (memberGR.next()) {
    members.push(memberGR.getValue('user'));
}

if (members.length === 0) {
    gs.info('No active users found in watchlist group.');
} else {
    var incGR = new GlideRecord('incident');
	incGR.addActiveQuery();
    incGR.addQuery('company', COMPANY_SYS_ID); // remove this line if not needed
    incGR.query();

    while (incGR.next()) {
        var existing = incGR.getValue('watch_list') || '';
        var arr = existing ? existing.split(',') : [];
        arr = arr.concat(members);
        arr = new ArrayUtil().unique(arr);

        var newWatchList = arr.join(',');
        if (newWatchList != existing) {
            incGR.setValue('watch_list', newWatchList);
            incGR.setWorkflow(false);
            incGR.autoSysFields(false);
            incGR.update();
            updated++;
        }
    }

    gs.info('Incidents updated: ' + updated);
}

💡 If my response helped, please mark it as correct ✅ and close the thread 🔒— this helps future readers find the solution faster! 🙏

@prakharmahe 

Thank you for marking my response as helpful.

Do you require further help?

💡 If my response helped, please mark it as correct ✅ and close the thread 🔒— this helps future readers find the solution faster! 🙏

if the incident is resolved, cancelled or closed, still it will add the user to watchlist or not?

Hi prakharmahe,

This is a configuration-related behavior. By default, ServiceNow's watch list captures the list of users or groups at the exact moment the incident is created or updated. 

Here are two solutions to address this issue:

Solution 1: Update the ACL (Recommended / Best if you want to avoid scripts)

If you prefer not to touch or maintain any custom scripts, the best approach is to modify the Access Control List (ACL).

You can update the Read ACL condition or script to check if the current user belongs to the group listed in the watch list (e.g., using current.watch_list.contains(my_groups) logic).

Any new user added to the group will automatically gain access to past incidents without modifying the records themselves.

Solution 2: Run a Fix Script (As suggested above)

As Ankur mentioned, you can run a Fix Script to bulk-update the watch_list field on all existing incidents for that company.

However, please note that this is a one-time data fix and you may need to run it again if this happens with other users in the future.

var gr = new GlideRecord('incident');
gr.addQuery('company.name', 'xyz'); 

gr.query();
while (gr.next()) {
    var watchList = gr.getValue('watch_list') || '';

    if (watchList.indexOf('NEW_USER_SYS_ID') === -1) {
        watchList += (watchList ? ',' : '') + 'NEW_USER_SYS_ID';
        gr.setValue('watch_list', watchList);
        gr.setWorkflow(false); 
        gr.update();
    }
}

I highly recommend going with Solution 1 (ACL update) for a permanent and configuration-based fix.

Hope this helps!